> Detecting Format-String Vulnerabilities with Type Qualifiers
> Umesh Shankar, Kunal Talwar, Jeffrey S. Foster, and David Wagner. In
> 10th USENIX Security Symposium, August 2001.
>
> - some IBM guys have also been using CQUAL (one appeared in Usenix
> Security '02, and another is appearing in ACM CCS '02), but their papers
> aren't easily available online
>
> Related work: http://www.cs.berkeley.edu/~jfoster/cqual/
>
> ---- Dave Wagner has done a bunch of related work
>
> MOPS: an Infrastructure for Examining Security Properties of Software.
> Hao Chen and David Wagner. To appear at ACM CCS 2002.
>
> Detecting Format String Vulnerabilities With Type Qualifiers
> Umesh Shankar, Kunal Talwar, Jeffrey S. Foster, and David Wagner. 10th
> USENIX Security Symposium, 2001.
>
> Intrusion Detection via Static Analysis.  David Wagner and Drew Dean.
> 2001 IEEE Symposium on Security and Privacy.
>
> All available here:  http://www.cs.berkeley.edu/~daw/papers/
>
> ---- And you can't forget Dawson Engler's more ad-hoc checking that
> ---- programs follow the rules imposed by various APIs (e.g., you
> ---- free a lock exactly once after you acquire it)
>
> Checking System Rules Using System-Specific, Programmer-Written Compiler
> Extensions. Dawson Engler, Benjamin Chelf, Andy Chou, and Seth Hallem.
> OSDI 2000
>
> Related work: http://metacomp.stanford.edu/
>
>
> ---- More generically, there's the work on extended static checking
> ---- (pre-conditions, post-conditions, data structure invariants, ...)
>
> One of the papers on Extended Static Checking (for Java, Modula-3, and
> other systems)
> Related work: http://www.research.compaq.com/SRC/esc/Esc.html
>
> ---- It makes
> ---- sense to also cover George Necula/Peter Lee, and Andrew Appel's
> ---- work on proof-carrying code:
>
> Necula's stuff: http://raw.cs.berkeley.edu/papers.html
> - also includes "CCured", retrofitting real types into the C language
>
> Appel's stuff: http://www.cs.princeton.edu/sip/pub/index.php3
> A Semantic Model of Types and Machine Instructions for Proof-Carrying
> Code, Andrew W. Appel and Amy P. Felty, 27th ACM SIGPLAN-SIGACT
> Symposium on Principles of Programming Languages (POPL '00), pp.
> 243-253, January 2000.
>
> ---- You might also want to talk about some of the work on programming
> ---- languages specifically for active networks, where they want to
> ---- guarantee resource bounds
>
> http://www.cis.upenn.edu/~switchware/PLAN/

Other topics we might consider also include

    * garbage collection algorithms for time constrained systems
     (real-time), collection techniques for immortal memory
    * scoped memory and regions (RTJ, cyclone)
    * memory usage reduction techniques (code
       compression, data representation optimization)
    * scheduling algorithms for RT languages
    * reactive programming
    * resource-aware compilation techniques
    * verification and validation of space/time properties
    * implementation techniques for dynamic languages (C#, Java, ...)
    * compiler analysis and optimization