GuideForce: Type-Based Enforcement of Programming Guidelines.

In this paper, we introduce the GuideForce project, whose aim is to develop automatic methods based on type systems and abstract interpretation that are capable of checking that programming guidelines related to secure web programming are correctly and reasonably applied. We outline the project plan and motivation and then describe a pilot study carried out with Soot, a Java-based program analysis framework. While still maintaining high accuracy and efficiency, the focus on guidelines adds a new human-oriented component to static analysis.