Computer scientists at Carnegie Mellon University have designed a programming method which allows the use of numerous other programming languages within the same framework, known as Wyvern. It empowers programmers to use the language most suitable for each function and also does this securely against code injection attacks, which is currently one of the most severe security threats in Web applications.
Jonathan Aldrich is the associate professor in the Institute for Software Research (ISR) and is leading the research group that is designing the programming language. “Wyvern is like a skilled international negotiator who can smoothly switch between languages to get a whole team of people to work together,” Aldrich said. “Such a person can be extremely effective and, likewise, I think our new approach can have a big impact on building software systems.”
Instead of writing the entire program using a general purpose language, Wyvern enables the user to construct programs using various domain-specific languages, such as SQL for querying databases or HTML for constructing Web pages, as sublanguages. Wyvern determines which sublanguage is being used within the program based on the type of data that the programmer is manipulating. Types specify the format of data, such as alphanumeric characters, floating-point numbers or more complex data structures, such as Web pages and database queries. The type provides context, enabling Wyvern to identify a sublanguage associated with that type.
“With Wyvern, we’re allowing you to use these languages, and define new ones, without worrying about composition,” said Cyrus Omar, a Ph.D. student in the Computer Science Department and the lead designer of Wyvern’s type-specific language approach.
Wyvern still remains a work in progress, Omar points out, but being an open source project, it is available for experimental use by early adopters. More information is available here.
