There is also a research paper: Modular and constraint-based information flow inference for an object-oriented language, by Qi Sun, Anindya Banerjee, and David Naumann, which appeared in the 11th International Static Analysis Symposium SAS 2004 pages 84-99.
You might also be interested in related tools by other research groups: the Jif project or Flow Caml.
SecJ uses the java libraries SableCC and PolyGlot, which in turn depend on JavaCup and JFlex.