Ariadne: A minimal approach to state continuity
R Strackx, F Piessens - 25th USENIX Security Symposium (USENIX …, 2016 - usenix.org
Protected-module architectures such as Intel SGX provide strong isolation guarantees to
sensitive parts of applications while the system is up and running. Unfortunately systems in …
Secure compilation to protected module architectures
A fully abstract compiler prevents security features of the source language from being
bypassed by an attacker operating at the target language level. Unfortunately, developing …
When good components go bad: Formally secure compilation despite dynamic compromise
We propose a new formal criterion for evaluating secure compilation schemes for unsafe
languages, expressing end-to-end security guarantees for software components that may …
Beyond good and evil: Formalizing the security guarantees of compartmentalizing compilation
Y Juglaret, C Hritcu, AA De Amorim… - 2016 IEEE 29th …, 2016 - ieeexplore.ieee.org
Compartmentalization is good security-engineering practice. By breaking a large software
system into mutually distrustful components that run with minimal privileges, restricting their …
Linear capabilities for fully abstract compilation of separation-logic-verified code
Separation logic is a powerful program logic for the static modular verification of imperative
programs. However, dynamic checking of separation logic contracts on the boundaries …
The meaning of memory safety
We give a rigorous characterization of what it means for a programming language to be
memory safe, capturing the intuition that memory safety supports local reasoning about …
Rich specifications for Ethereum smart contract verification
Smart contracts are programs that execute in blockchains such as Ethereum to manipulate
digital assets. Since bugs in smart contracts may lead to substantial financial losses, there is …
Verified compilers for a multi-language world
A Ahmed - 1st Summit on Advances in Programming Languages …, 2015 - drops.dagstuhl.de
Though there has been remarkable progress on formally verified compilers in recent years,
most of these compilers suffer from a serious limitation: they are proved correct under the …
Securing Verified IO Programs Against Unverified Code in F*
We introduce SCIO*, a formally secure compilation framework for statically verified programs
performing input-output (IO). The source language is an F* subset in which a verified …
Model checking for symbolic-heap separation logic with inductive predicates
J Brotherston, N Gorogiannis, M Kanovich… - ACM SIGPLAN …, 2016 - dl.acm.org
We investigate the model checking problem for symbolic-heap separation logic with user-
defined inductive predicates, i.e., the problem of checking that a given stack-heap memory …