1. Summary
  2. Files
  3. Support
  4. Report Spam
  5. Create account
  6. Log in

Welcome to CesTa project

CesTa (Code Enhancing Security Transformation and Analysis) is a tool for enhancing security by program transformations.

Although the tool is language-independent, build-in bundle of transformations is focused on improving security of Java Card applications. Sample transformations were designed to improve resiliency against various threats like power analysis, error induction, atomicity of transactions or can add runtime checking of state transitions.

Main features

  • Easy to integrate with development process
    • Transformations are executed via Apache Ant with support for Ant's types like Resource Collections, File selectors or Mappers
  • Easy to customize
  • Easy to extend by new transformations
    • Transformations are Java classes, that implement simple interface and are dynamically loaded from configurable classpath


Work in progress

Build-in transformations are already pretty robust and can be used for transforming your source files. However, the project is still in development and we really need feedback from anyone, who is interested in this topic. The wiki is in early stage and the best documentation can be found in sample build scripts and source code (JavaDoc API).


This project is released under the BSD license.

More information


Jiří Kůr, who participates on the Cesta project is supported by the project GD102/09/H042 “Mathematical and Engineering Approaches to Developing Reliable and Secure Concurrent and Distributed Computer Systems” of the Czech Science Foundation.