JOANA

Tool Demonstration: JOANA. JOANA is a tool for information flow control, which can handle full Java with unlimited threads and scales to ca. 100 kLOC. JOANA uses a new algorithm for checking probabilistic noninterference, named RLSOD. JOANA uses a stack of sophisticated program analysis techniques which minimise false alarms. JOANA is open source (joana.ipd.kit.edu) and offers an Eclipse GUI as well as an API. The current tool demonstration paper concentrates on JOANA’s precision. Effects of flow-sensitivity, context-sensitivity, and object-sensitivity are explained, as well as precision gains from the new RLSOD criterion.