Chile and Germany provide national research funding for the development of a new technique known as Gradual Abstract Interpretation ensuring the error-free and safe application of programming languages
11 June 2024
Researchers at Johannes Gutenberg University Mainz (JGU) and the University of Chile collaborate in a new joint project aiming to improve computing program analysis. They will receive funding worth EUR 450,000 in total over the next three years from the German Research Foundation (DFG) and ANID, the state agency responsible for promoting research in Chile. About EUR 350,000 of this funding will go to JGU. "Thanks to this support, we have been able to set up the first collaborative research project of the universities of Mainz and Chile in the field of computer science," said Professor Sebastian Erdweg of the JGU Institute of Computer Science. "The starting point for our joint project proposal was my nine-week stay as a visiting professor at the University of Chile in the fall of 2022." For his sabbatical, Erdweg had been looking for potential collaborators and came into contact with the University of Chile, which is one of the leading computer science research institutions in South America.
Early detection of vulnerabilities in WebAssembly
In the DFG/ANID-sponsored project, Professor Sebastian Erdweg will join forces with Professor Éric Tanter and Professor Matías Toro Ipinza of the Department of Computer Sciences at the University of Chile, recognized specialists in the field of programming languages. They will improve program analysis methods and apply them to the open web platform WebAssembly, the aim being to ensure that security vulnerabilities can be quickly identified. WebAssembly is a relatively new programming language that can be employed by all browsers and run on almost all devices. Studies have shown that WebAssembly is vulnerable to cyber attacks with all their potential risks. "Our aim is to improve the speed and security of WebAssembly by identifying and addressing security vulnerabilities as well as eliminating redundant protective measures." Erdweg emphasizes the importance of significant methodological progress to achieve these ambitious goals. Thus, the researchers plan to create a technique of program analysis called Gradual Abstract Interpretation.
Gradual Abstract Interpretation as a combination of abstract interpretation and gradual typing
The project partners will take a two-sided approach based on their specific research expertise. Professor Sebastian Erdweg and his team will study program analysis aspects that supply information on programming codes without the necessity of actually running the program in question. Their Chilean counterparts will contribute their skills in gradual typing. "It is not possible to verify all attributes of programs before they are actually running. By taking a gradual approach, we can run a program and then verify, while it is running, whether it is secure or not. In the latter case, we can simply abort it", is how Erdweg clarified the basic concept of Gradual Abstract Interpretation.
This research project will combine the Chilean team's expertise in gradual typing and the German team's experience in abstract interpretation to develop an extensively interconnected hybrid analysis technique on a well-founded theoretical basis. "We want to be able to validate as much as possible of a program before its actual execution," added Erdweg. In this context, Erdweg emphasized that this project resulted from his sabbatical.
Chilean-German collaboration with the support of the German Research Foundation and ANID
The purpose of the shared DFG/ANID funding scheme is to bring together researchers from Germany and Chile to design and carry out jointly organized research projects of outstanding scientific quality. Within these research teams, each national funding organization is funding those project components that are carried out within its own country.
Together with his team in Mainz, Professor Sebastian Erdweg works on programming abstractions, programming languages, and programming tools designed to simplify the development and maintenance of complex software systems. In November 2023, he was awarded an ERC Consolidator Grant worth EUR 2 million to enable him to develop an automated method of incremental computation that will allow software to run more efficiently.