Flow Caml

The Flow Caml system is a prototype implementation of an information flow analyzer for the Caml language. It was publicly announced on 2003-07-01.

It consists of an extension of the OCaml language with a type system that traces information flow. Its purpose is to make it possible to write "real" programs and to automatically check that they obey some confidentiality or integrity policy. In Flow Caml, standard ML types are annotated with security levels chosen from a user-definable lattice. Each annotation gives an approximation of the information that the described expression may convey. Because it has full type inference, the system verifies, without requiring source code annotations, that every information flow caused by the analyzed program is legal with regard to the security policy specified by the programmer.
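To make the lattice check concrete, here is an added Python sketch (not Flow Caml code and not taken from the distribution) that checks a small constructed program against a user-defined lattice, covering both direct assignments and flows through a conditional guard. It assumes every variable carries a fixed declared level, whereas Flow Caml infers levels statically; the names `Lattice`, `check`, `POLICY`, `ENV` and `PROGRAM` are hypothetical.

```python
# Added illustration (not Flow Caml code): a toy information-flow checker.
from itertools import product

class Lattice:
    def __init__(self, levels, flows):
        self.levels = list(levels)
        # Order relation = reflexive-transitive closure of the declared flows.
        self.leq = {(a, a) for a in self.levels} | set(flows)
        while True:
            new = {(a, d) for (a, b), (c, d) in product(self.leq, repeat=2) if b == c}
            if new <= self.leq:
                break
            self.leq |= new

    def can_flow(self, src, dst):
        return (src, dst) in self.leq

    def join(self, a, b):
        # Least upper bound: the upper bound that flows to every other upper bound.
        ubs = [u for u in self.levels if self.can_flow(a, u) and self.can_flow(b, u)]
        return next(u for u in ubs if all(self.can_flow(u, v) for v in ubs))

def check(lat, env, stmts, pc):
    """Return (level, target) for every assignment the policy forbids."""
    errors = []
    for kind, reads, arg in stmts:
        level = pc  # pc = level of the guards we are under (implicit flows)
        for var in reads:
            level = lat.join(level, env[var])
        if kind == "assign" and not lat.can_flow(level, env[arg]):
            errors.append((level, arg))
        elif kind == "if":
            errors += check(lat, env, arg, level)
    return errors

# Constructed policy and program, for illustration only.
POLICY = Lattice(["public", "alice", "bob", "secret"],
                 [("public", "alice"), ("public", "bob"),
                  ("alice", "secret"), ("bob", "secret")])
ENV = {"greeting": "public", "log": "public", "alice_pin": "alice",
       "alice_note": "alice", "bob_key": "bob", "vault": "secret"}
PROGRAM = [
    ("assign", ["greeting", "alice_pin"], "alice_note"),  # legal: alice -> alice
    ("assign", ["alice_pin", "bob_key"], "vault"),        # legal: join is secret
    ("assign", ["alice_pin"], "log"),                     # explicit leak
    ("if", ["bob_key"], [("assign", ["greeting"], "log")]),  # implicit leak
]

if __name__ == "__main__":
    print(check(POLICY, ENV, PROGRAM, "public"))
```

The two reported entries are the direct write of `alice_pin` into the public `log` and the write to `log` performed under a guard that depends on `bob_key`.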

Technically speaking, Flow Caml is also one of the first real-size implementations of a programming language equipped with a type system that features simultaneously subtyping, ML polymorphism and full type inference.

Flow Caml handles a large part of the OCaml language, including datatypes and pattern-matching, imperative features (mutable objects, exceptions, ...), and the module language. It can be used either as a standalone, batch-oriented compiler that produces regular OCaml code, or as an interactive, toplevel-based system.

If you are interested in experimenting with Flow Caml but encounter difficulties, please feel free to contact me.

A Flow Caml type scheme

Distribution

The source distribution of version 1.07 is available for download. It should compile on almost any UNIX machine (including the Cygwin environment) where GNU Make and OCaml 3.12 are installed. More information about installation can be found in the files README and src-flowcaml/INSTALL of the distribution.

A binary distribution of version 1.01 for Windows operating systems is also provided. It should run "out of the box", without installing any extra software: uncompress the ZIP archive somewhere in your file system and run flowcaml.exe to start the toplevel.

Read-only CVS access to the whole sources is available through the Caml anonymous CVS server.

The Flow Caml system is distributed under the terms of the Q Public License (see the LICENSE file of the distribution for the details).

Documentation

Documentation for the Flow Caml system is available on this server. It includes a comprehensive tutorial which introduces the various features of the language and its type system. It has been written to be understandable by anyone who has some knowledge of programming in Caml (or another ML dialect).

The source files of the complete example given at the end of Chapter 2 of the documentation can be downloaded here: flowcaml-example.tar.gz.