Abstract—There is a significant body of work devoted to testing, verifying, and certifying the correctness of optimizing compilers. The focus of such work is to determine if source code and optimized code have the same functional semantics. In this paper, we introduce the correctness-security gap, which arises when a compiler optimization preserves the functionality of but violates a security guarantee made by source code. We show with concrete code examples that several standard optimizations, which have been formally proved correct, inhabit this correctness-security gap. We analyze this gap and conclude that it arises due to techniques that model the state of the program but not the state of the underlying machine. We propose a broad res...
In this work, we present several compiler optimizations to reduce the overhead due to software prote...
Formal program verification offers strong assurance of correctness, backed by the strength of mathe...
Secure compilers generate compiled code that withstands many target-level attacks such as alteration...
Presented on February 7, 2020 at 12:00 p.m. in the CODA building, 9th floor block atrium. Michael D. ...
Abstract: Semantics preservation between source and target program is the commonly accepted minimum re...
Software is pervasive in our daily lives and we rely on it for many critical tasks. Despite the abun...
. We show that compiler optimisations based on strictness analysis can be expressed formally in the ...
Abstract: The theory of relative program correctness and its preservation allows for elaborate and pra...
Compilers are at the foundation of software security. On the one hand, compilers are an ideal place ...
Given the complexity and sophistication of code generation and optimization al...
We describe a technique for automatically proving compiler optimizations sound, meaning that their t...
Secure compilation investigates when compilation chains preserve security properties. Over the years...
In theory secure computation offers a solution for privacy in many collaborative applications. Howev...
In the late 1990s, proof-carrying code was able to produce machine-checkable safety proofs for machi...
This paper sketches a rigorous correctness proof of a compiler executable. We will emphasize the cen...