UL-SIFA is a tool that performs secure information flow analyses on a simple imperative language to ensure that no sensitive information is inadvertently leaked explicitly or implicitly. If necessary, UL-SIFA also produces an instrumented version of the code to do additional checks at runtime.
UL-SIFA uses a three-valued type system to statically check non-interference. In addition to the usual two main security levels, public (or Low) and private (or High), a third security level, Unknown, is used to captures the possibility that we may not know, before execution, whether the information is public or private. Standard two-valued analysis has no choice but to be pessimistic with uncertainty and hence generate false positive alarms. If uncertainty arises during the analysis, the instruction in cause is tagged; in a second step, instrumentation at every such point together with dynamic analysis will allow us to head to a more precise result than purely static approaches. This reduces false alarms, while introducing a light runtime overhead by instrumenting only when there is a need for it.