Skip to main content

Sanitizing Sensitive Data: How to Get It Right (or at Least Less Wrong…)

  • Conference paper
  • First Online:
Reliable Software Technologies – Ada-Europe 2017 (Ada-Europe 2017)

Part of the book series: Lecture Notes in Computer Science ((LNPSE,volume 10300))

Included in the following conference series:


Coding standards and guidance for secure programming call for sensitive data to be “sanitized” before being de-allocated. This paper considers what this really means in technical terms, why it is actually rather difficult to achieve, and how such a requirement can be realistically implemented and verified, concentrating on the facilities offered by Ada and SPARK. The paper closes with a proposed policy and coding standard that can be applied and adapted to other projects.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
USD 44.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 59.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions


  1. CESG. Coding Requirements and Guidance (IA Developers’ Note 6), CESG, Issue 1.1, October 2015.

  2. US CERT. SEI CERT C Coding Standard.

  3. ISO/SC22/WG23. Information Technology — Programming Languages — Guidance to avoiding vulnerabilities in programming languages through language selection and use. TR 24772 (2013).

  4. Mitre Corp. Common Weakness Enumeration (CWE).

  5. Cryptography Coding Standard Project.

  6. Aho, A.V., Lam, M.S., Sethi, R., Ullman, J.D.: Compilers: Principles, Techniques and Tools, 2nd edn. Pearson, Upper Saddle River (2013). ISBN 978-1292024349

    Google Scholar 

  7. Percival, C.: Zeroing Buffers is Insufficient.

  8. Programming Langauges – C. ISO/IEC 9899:2011 (2011).

  9. Programming Langauges – C++. ISO/IEC 14822:2011 (2011).

  10. Barnes, J.: With Altran Praxis. SPARK: The Proven Approach to High-Integrity Software (2012). ISBN: 978-0-9572905-0-1

    Google Scholar 

  11. McCormick, J.W., Chapin, P.C.: Building High-Integrity Applications with SPARK. Cambridge University Press, Cambridge (2015). ISBN 978-1-107-04073-1

    Google Scholar 

  12. SPARK 2014 Community Site.

  13. Consolidated Ada 2012 Language Reference Manual. ISO/IEC 8652:2012/Cor 1:2016 (2016).

  14. Regehr, J., Eide, E.: Volatiles are miscompiled and what to do about it. In: Proceedings of the Eighth ACM and IEEE International Conference on Embedded Software (EMSOFT), Atlanta, Georgia, October 2008. doi:10.1145/1450058.1450093,

  15. Comar, C., Dismukes, G., Gasperoni, F. The GNAT implementation of controlled types. In: Proceedings of Tri-Ada 1994, Baltimore. ACM Press (1994). doi:10.1145/376503.376724

  16. Kirtchev, H.: A new robust and efficient implementation of controlled types in the GNAT compiler. In: Proceedings of High-Integrity Language Technology 2012, ACM SIGAda Letters, vol. 32, issue. 3 pp. 43–50 (2012). doi:10.1145/2402676.2402693

  17. GNAT sources at

  18. GCC Online Documentation. Chap. 24 – Link Time Optimization.

  19. LLVM Compiler Infrastructure. Link Time Optimization: Design and Implementation.

  20. Leroy, X.: Formal verification of a realistic compiler. Commun. ACM, 52(7), (2009). doi:10.1145/1538788.1538814

  21. Kang, J., Kim, Y., Hur, C-K., Dreyer, D., Vafeiadis, V.: Lightweight verification of separate compilation. In: Proceedings of the 43rd Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL) 2016, pp. 178–190. ACM Press. doi:10.1145/2837614.2837642

Download references


The author would like to thank Robert Seacord, Florian Schanda, Bill Ellis and the conference reviewers for their comments on earlier drafts of this paper.

Author information

Authors and Affiliations


Corresponding author

Correspondence to Roderick Chapman .

Editor information

Editors and Affiliations

Rights and permissions

Reprints and permissions

Copyright information

© 2017 Springer International Publishing AG

About this paper

Cite this paper

Chapman, R. (2017). Sanitizing Sensitive Data: How to Get It Right (or at Least Less Wrong…). In: Blieberger, J., Bader, M. (eds) Reliable Software Technologies – Ada-Europe 2017. Ada-Europe 2017. Lecture Notes in Computer Science(), vol 10300. Springer, Cham.

Download citation

  • DOI:

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-60587-6

  • Online ISBN: 978-3-319-60588-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics