We review the existing literature on Java safety, emphasizing formal approaches, and the
impact of Java safety on small footprint devices such as smartcards. The conclusion is that …

Extensible typesafe systems, such as Java, rely critically on a large and complex software
base for their overall protection and integrity, and are therefore difficult to test and verify …

Java is typically compiled into an intermediate language, JVML, that is interpreted by the
Java Virtual Machine. Because mobile JVML code is not always trusted, a bytecode verifier …

We discuss abstractions for protection and the correctness of their implementations. Relying
on the concept of full abstraction, we consider two examples:(1) the translation of Java …

We discuss abstractions for protection and the correctness of their implementations. Relying
on the concept of full abstraction, we consider two examples:(1) the translation of Java …

This paper introduces the subset μJava of Java, essentially by omitting everything but
classes. The type system and semantics of this language (and a corresponding abstract …

This paper describes the motivation, architecture and performance of a distributed virtual
machine (DVM) for networked computers. DVMs rely on a distributed service architecture to …

In previous work, we presented a Typed Assembly Language (TAL). TAL is sufficiently
expressive to serve as a target language for compilers of high-level languages such as ML …

Using the theorem prover Isabelle/HOL we have formalized and proved correct and
executable bytecode verifier in the style of Kildall's algorithm for a significant subset of the …

This paper presents STAL, a variant of Typed Assembly Language with constructs and types
to support a limited form of stack allocation. As with other statically-typed low-level …