Paper on control flow analysis to break up applications into compartments. This work led by Khilan Gudka introduced SOAAP (Security-Oriented Analysis of Application Programs), a tool for exploring compartmentalization hypotheses in existing C software. The system uses static and dynamic analysis driven by source code annotations to help programmers evaluate different strategies for decomposing applications into sandboxed components. This semi-automated approach addresses the difficulty of adapting legacy software for security compartmentalization while maintaining correctness and performance.
Read more about Exploring Compartmentalisation Hypotheses with SOAAP.