This paper is from a few years ago about verifying programs that span multiple languages / runtimes:
http://www.ccs.neu.edu/home/amal/papers/verifcomp.pdf
We need to get these concepts into mainstream tools. SQL certainly seems to be the low-hanging fruit (simple, straightfoward typing, widely used and understood, frequent errors lead to security problems).
This paper is from a few years ago about verifying programs that span multiple languages / runtimes:
http://www.ccs.neu.edu/home/amal/papers/verifcomp.pdf
We need to get these concepts into mainstream tools. SQL certainly seems to be the low-hanging fruit (simple, straightfoward typing, widely used and understood, frequent errors lead to security problems).