by Trevor Jim, Greg Morrisett, Dan Grossman, Michael Hicks, James Cheney, and Yanling Wang
Cyclone is a safe dialect of C. It has been designed from the ground up to prevent the buffer overflows, format string attacks, and memory management errors that are common in C programs, while retaining Cís syntax and semantics. This paper examines safety violations enabled by Cís design, and shows how Cyclone avoids them, without giving up Cís hallmark control over low-level details such as data representation and memory management.
Download the paper in PDF format here
Cyclone can be downloaded here