Formal approaches to secure compilation: A survey of fully abstract compilation and related work
Secure compilation is a discipline aimed at developing compilers that preserve the security
properties of the source programs they take as input in the target programs they produce as …
Nemesis: Studying microarchitectural timing leaks in rudimentary CPU interrupt logic
Recent research on transient execution vulnerabilities shows that current processors exceed
our levels of understanding. The prominent Meltdown and Spectre attacks abruptly revealed …
Sancus 2.0: A low-cost security architecture for IoT devices
The Sancus security architecture for networked embedded devices was proposed in 2013 at
the USENIX Security conference. It supports remote (even third-party) software installation …
A formal foundation for secure remote execution of enclaves
Recent proposals for trusted hardware platforms, such as Intel SGX and the MIT Sanctum
processor, offer compelling security features but lack formal guarantees. We introduce a …
Light-Weight Contexts: An OS Abstraction for Safety and Performance
We introduce a new OS abstraction—light-weight contexts (lwCs)—that provides
independent units of protection, privilege, and execution state within a process. A process …
Journey beyond full abstraction: Exploring robust property preservation for secure compilation
Good programming languages provide helpful abstractions for writing secure code, but the
security properties of the source language are generally not preserved when compiling a …
Ariadne: A minimal approach to state continuity
R Strackx, F Piessens - 25th USENIX Security Symposium (USENIX …, 2016 - usenix.org
Protected-module architectures such as Intel SGX provide strong isolation guarantees to
sensitive parts of applications while the system is up and running. Unfortunately systems in …
VulCAN: Efficient component authentication and software isolation for automotive control networks
Vehicular communication networks have been subject to a growing number of attacks that
put the safety of passengers at risk. This resulted in millions of vehicles being recalled and …
DimSum: A decentralized approach to multi-language semantics and verification
Prior work on multi-language program verification has achieved impressive results,
including the compositional verification of complex compilers. But the existing approaches to …
Fully abstract compilation via universal embedding
A fully abstract compiler guarantees that two source components are observationally
equivalent in the source language if and only if their translations are observationally …
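The full-abstraction condition summarised in this entry, written out as an added formula (this is not taken from the cited paper; the names of the compiler $\llbracket\cdot\rrbracket$ and of the source and target contextual equivalences $\simeq_S$, $\simeq_T$ are assumed notation):

$$\forall P_1, P_2 \in \mathrm{Src}.\qquad P_1 \simeq_S P_2 \iff \llbracket P_1 \rrbracket \simeq_T \llbracket P_2 \rrbracket$$

where contextual equivalence is quantified over all contexts of the respective language,

$$P_1 \simeq P_2 \;\stackrel{\text{def}}{=}\; \forall C.\; C[P_1]\Downarrow \iff C[P_2]\Downarrow .$$

The "if" direction ($\Leftarrow$, equivalence reflection) is the security-relevant half: a target-level attacker, modelled as an arbitrary target context $C_T$, can tell two compiled components apart only if some source-level context could already tell the originals apart, so linking against untrusted low-level code grants the attacker no observations beyond those available at the source level. The "only if" direction ($\Rightarrow$, equivalence preservation) is closer to ordinary compiler correctness. In practice the target contexts must be restricted to what the target platform actually enforces (e.g. the isolation boundary of an enclave or protected module); if the target language admits contexts that inspect memory or timing the source language cannot express, the reflection direction fails, which is exactly the gap the microarchitectural-leak and robust-property-preservation entries above are concerned with.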