Latest COVID-19 Information for Purdue University

The Center for Education and Research in Information Assurance and Security (CERIAS)

The Center for Education and Research in
Information Assurance and Security (CERIAS)

Jens Palsberg - CERIAS

"Software Security via Aspect-Oriented Programming?"

Sep 19, 1997


Aspect-oriented programming (AOP) aims at improving the quality of software by decreasing the level of code tangling. It has been successfully used for image processing, sparse matrix algorithms, and distributed programming. The observation motivating AOP is that there are design decisions that cannot be captured by writing a function, object, or module. Such design decisions lead to pieces of code that are spread all over the program. For example, the coordination of distributed processes often requires a little bit of code "everywhere". The idea of AOP is write such design decisions as separate so-called aspects, and then use a weaver to produce the actual woven code. Thus, an aspect-oriented program looks like:

basic code + one or more aspects

For example, an image processing system was first programmed as 756 lines of nice, slow code. Then a highly efficient version was programmed as 35213 lines of code. Third, an AOP version was done by adding 352 lines of aspect code to the nice and slow program. The woven version was only about four times slower than the hand-optimized version, and it allocated much fewer intermediate images. The inventors of AOP claim that:

  • an optimizing compiler is unlikely to do as good a job as the aspects
  • plus the weaver,
  • the weaver is a simple piece of software (in the case studies so far), and
  • the basic part of the code stays the same, more or less, when aspects are added. So the message is:

Don't do tangled code and complicated optimizing compilers; instead do separate aspects and simple weavers.

How about software security? Are there security aspects that we can program separately and then weave in afterwards? In this talk I will present aspect-oriented programming with the aim of generating discussion.

Aspect-oriented programming is being developed at Xerox PARC by Gregor Kiczales, John Lamping, Cristina Lopes, and others. The AOP webpage is at:

About the Speaker

Unless otherwise noted, the security seminar is held on Wednesdays at 4:30P.M. STEW G52 (Suite 050B), West Lafayette Campus. More information...

Ways to Watch


Watch Now!

Over 500 videos of our weekly seminar and symposia keynotes are available on our YouTube Channel. Also check out Spaf's YouTube Channel. Subscribe today!