JCSI Wiki
JCSI is a prototype tool for the analysis of Java Card CAP files.
Brought to you by:
paolomasci
Welcome to your wiki!
This is the default page, edit it as you see fit. To add a new page simply reference it within brackets, e.g.: [SamplePage].
The wiki uses Markdown syntax.
JCSI: A Tool for Checking Secure Information Flow in Java Card Applications
JCSI is a prototype tool for the analysis and visualisation of Java Card CAP files. The analysis method implemented in the tool is based on the theory of abstract interpretation and a multi-level security policy assignment. Actual values of variables are abstracted into security levels, and bytecode instructions are executed over an abstract domain. The tool can be used for discovering security issues due to explicit or implicit information flows and for checking security properties of Java Card applications downloaded from untrusted sources.
Reference Publications
JCSI: A Tool for Checking Secure Information Flow in Java Card Applications.
M. Avvenuti, C. Bernardeschi, N. De Francesco, P. Masci
In Journal of Systems & Software, 85(11), pp. 2479-2493, 2012, ISSN 0164-1212.
Downloads
User manual
Pacap example
Pre-compiled JCSI (ver.1.2
Screenshots
Last edit: Paolo Masci 2013-06-26