API blindspots: Why experienced developers write vulnerable code

DS Oliveira, T Lin, MS Rahman, R Akefirad… - … Symposium on Usable …, 2018 - usenix.org
Despite the best efforts of the security community, security vulnerabilities in software are still
prevalent, with new vulnerabilities reported daily and older ones stubbornly repeating …

Obsidian: a safer blockchain programming language

M Coblenz - 2017 IEEE/ACM 39th international conference on …, 2017 - ieeexplore.ieee.org
Blockchain platforms, such as Ethereum, promise to facilitate transactions on a
decentralized computing platform among parties that have not established trust. Recognition …

PLIERS: a process that integrates user-centered methods into programming language design

M Coblenz, G Kambhatla, P Koronkevich… - ACM Transactions on …, 2021 - dl.acm.org
Programming language design requires making many usability-related design decisions.
However, existing HCI methods can be impractical to apply to programming languages …

Characterizing the usage, evolution and impact of Java annotations in practice

Z Yu, C Bai, L Seinturier… - IEEE Transactions on …, 2019 - ieeexplore.ieee.org
Annotations have been formally introduced into Java since Java 5. Since then, annotations
have been widely used by the Java community for different purposes, such as compiler …

Could I have a stack trace to examine the dependency conflict issue?

Y Wang, M Wen, R Wu, Z Liu, SH Tan… - 2019 IEEE/ACM 41st …, 2019 - ieeexplore.ieee.org
Intensive use of libraries in Java projects brings potential risk of dependency conflicts, which
occur when a project directly or indirectly depends on multiple versions of the same library …

Blindspots in Python and Java APIs result in vulnerable code

Y Brun, T Lin, JE Somerville, EM Myers… - ACM Transactions on …, 2023 - dl.acm.org
Blindspots in APIs can cause software engineers to introduce vulnerabilities, but such
blindspots are, unfortunately, common. We study the effect APIs with blindspots have on …

Pluggable type inference for free

M Kellogg, D Daskiewicz, LND Nguyen… - 2023 38th IEEE/ACM …, 2023 - ieeexplore.ieee.org
A pluggable type system extends a host programming language with type qualifiers. It lets
programmers write types like unsigned int, secret string, and nonnull object. Typechecking …

Can advanced type systems be usable? An empirical study of ownership, assets, and typestate in Obsidian

M Coblenz, J Aldrich, BA Myers… - Proceedings of the ACM on …, 2020 - dl.acm.org
Some blockchain programs (smart contracts) have included serious security vulnerabilities.
Obsidian is a new typestate-oriented programming language that uses a strong type system …

Garbage collection makes Rust easier to use: A randomized controlled trial of the Bronze garbage collector

M Coblenz, ML Mazurek, M Hicks - Proceedings of the 44th International …, 2022 - dl.acm.org
Rust is a general-purpose programming language that is both type- and memory-safe. Rust
does not use a garbage collector, but rather achieves these properties through a …

Interdisciplinary programming language design

M Coblenz, J Aldrich, BA Myers… - Proceedings of the 2018 …, 2018 - dl.acm.org
Approaches for programming language design used commonly in the research community
today center around theoretical and performance-oriented evaluation. Recently, researchers …