Learn about a practical static analysis tool designed to identify privacy bugs in Rust programs through this 20-minute conference presentation from OSDI '25. Discover how Paralegal addresses the limitations of existing code analysis tools by distributing work between program analyzers, privacy engineers, and application developers. Explore the tool's innovative approach using high-level privacy policies expressed over markers that developers apply to source code entities, and understand how it leverages Rust's ownership type system to model library code behavior through Program Dependence Graphs (PDGs). Examine the evaluation results from eight real-world applications where Paralegal successfully identified genuine privacy bugs, including two previously unknown vulnerabilities, while demonstrating superior policy support compared to information flow control and CodeQL. Gain insights into the tool's interactive deployment capabilities and the maintainability of its marker system as codebases evolve.