Formal approaches to secure compilation: A survey of fully abstract compilation and related work
Secure compilation is a discipline aimed at developing compilers that preserve the security
properties of the source programs they take as input in the target programs they produce as …
Journey beyond full abstraction: Exploring robust property preservation for secure compilation
Good programming languages provide helpful abstractions for writing secure code, but the
security properties of the source language are generally not preserved when compiling a …
Secure compilation to protected module architectures
A fully abstract compiler prevents security features of the source language from being
bypassed by an attacker operating at the target language level. Unfortunately, developing …
Dimsum: A decentralized approach to multi-language semantics and verification
Prior work on multi-language program verification has achieved impressive results,
including the compositional verification of complex compilers. But the existing approaches to …
Secure compilation to modern processors
We present a secure (fully abstract) compilation scheme to compile an object-based high-
level language to low-level machine code. Full abstraction is achieved by relying on a fine …
A fully abstract trace semantics for general references
J Laird - International Colloquium on Automata, Languages …, 2007 - Springer
We describe a fully abstract trace semantics for a functional language with locally declared
general references (a fragment of Standard ML). It is based on a bipartite LTS in which …
When good components go bad: Formally secure compilation despite dynamic compromise
We propose a new formal criterion for evaluating secure compilation schemes for unsafe
languages, expressing end-to-end security guarantees for software components that may …
Secure compilation and hyperproperty preservation
M Patrignani, D Garg - 2017 IEEE 30th Computer Security …, 2017 - ieeexplore.ieee.org
The area of secure compilation aims to design compilers which produce hardened code that
can withstand attacks from low-level co-linked components. So far, there is no formal …
Beyond good and evil: Formalizing the security guarantees of compartmentalizing compilation
Y Juglaret, C Hritcu, AA De Amorim… - 2016 IEEE 29th …, 2016 - ieeexplore.ieee.org
Compartmentalization is good security-engineering practice. By breaking a large software
system into mutually distrustful components that run with minimal privileges, restricting their …
Trace-based Deductive Verification.
Contracts specifying a procedure's behavior in terms of pre-and postconditions are essential
for scalable software verification, but cannot express any constraints on the events occurring …