Program Monitoring
Ulfar Erlingsson  Microsoft Research

Sample Vulnerability Discovery
(SolarDesigner01)
  Heap structure exploits
    - glibc vulnerability can be carried over to NT heap
      manager

Java IRM: PSLang, PoET

Elements of IRM Spec
  - add security state
     -- rich set of data structures available
     -- not visible to original program
  - events trigger security updates
     -- update: computation on security state

Elements of PSLang
  - seperation of load- vs. run-time
      -- load-time synthesis of extended semantics
  - designed for partial evaluation
      -- run-time-constant data structures
      -- side-effect-free functions
  - global and context-local state
      -- local tied to classes or object instances
  - complete modular and extendable


