Secure compilation investigates when compilation chains preserve security properties. Over the years, different formal criteria and proof techniques have been put forward for proving a compiler secure. However, these proposals require substantial manual effort from compiler designers. This paper introduces a formal approach to mechanically support that effort. We focus on the specific class of robust safety properties, and we propose a translation validation approach that leverages program analysis techniques to check that a single compilation run preserves security
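To make the abstract's setting concrete, the following is an added toy illustration (not code from the paper) of translation validation for a robust safety property. The language, the instructions, the analysis and both compiler passes are assumptions constructed for this example: programs are straight-line sequences over one integer `i` chosen by an untrusted context, the safety property is "no out-of-bounds load for any context", and a simple forward analysis stands in for the paper's program analysis. The validator does not prove the compiler correct once and for all; it checks one source/target pair, accepting a sound redundant-guard elimination and rejecting a pass that drops a necessary guard.

```python
"""Toy translation validation of robust safety (constructed illustration).

Instructions over a single integer `i` supplied by an untrusted context:
    ("guard", b)  -- abort unless i < b
    ("load", n)   -- read buf[i] from a buffer of length n; unsafe unless i < n
Robust safety: for every context (every value of i), no unsafe load runs.
"""
from typing import List, Tuple

Instr = Tuple
Program = List[Instr]
INF = float("inf")


def run(prog: Program, i: int) -> str:
    """Execute prog under the context that supplies input i."""
    for ins in prog:
        if ins[0] == "guard" and not i < ins[1]:
            return "abort"      # the guard stops the run before anything unsafe
        if ins[0] == "load" and not i < ins[1]:
            return "unsafe"     # out-of-bounds read: the safety property is violated
    return "ok"


def robustly_safe_by_testing(prog: Program, universe=range(64)) -> bool:
    """Ground truth on a small input domain: quantify over all contexts in it."""
    return all(run(prog, i) != "unsafe" for i in universe)


def analyse(prog: Program) -> bool:
    """Forward analysis (assumed; stands in for the paper's program analysis).
    It records the strongest fact `i < bound` established by earlier guards and
    requires every load of a buffer of length n to satisfy bound <= n.  It never
    assumes a value for i, so a positive verdict holds for every context."""
    bound = INF
    for ins in prog:
        if ins[0] == "guard":
            bound = min(bound, ins[1])
        elif ins[0] == "load" and not bound <= ins[1]:
            return False
    return True


def validate(source: Program, target: Program) -> bool:
    """Translation validation of one compilation run: whenever the analysis
    certifies the source robustly safe, the target must be certified as well."""
    return (not analyse(source)) or analyse(target)


def redundant_guard_elimination(prog: Program) -> Program:
    """Sound optimisation: drop a guard already implied by an earlier one."""
    out, bound = [], INF
    for ins in prog:
        if ins[0] == "guard":
            if bound <= ins[1]:
                continue        # i < bound already implies i < ins[1]
            bound = min(bound, ins[1])
        out.append(ins)
    return out


def buggy_guard_dropping(prog: Program) -> Program:
    """Deliberately miscompiling pass: removes any guard directly before a load."""
    out = []
    for k, ins in enumerate(prog):
        if ins[0] == "guard" and k + 1 < len(prog) and prog[k + 1][0] == "load":
            continue
        out.append(ins)
    return out


# Constructed sample program: the second guard 16 is redundant, the guard 8 is not.
SOURCE: Program = [("guard", 16), ("load", 16), ("guard", 16), ("guard", 8), ("load", 8)]

if __name__ == "__main__":
    print("source robustly safe:", analyse(SOURCE), robustly_safe_by_testing(SOURCE))
    good = redundant_guard_elimination(SOURCE)
    bad = buggy_guard_dropping(SOURCE)
    print("sound pass accepted:", validate(SOURCE, good), good)
    print("buggy pass rejected:", not validate(SOURCE, bad), bad)
```

The point to take from it is the division of labour: the compiler passes are untrusted, and only `analyse` and `validate` need to be trusted, which is what lets the check be run mechanically on every compilation rather than proved once per compiler.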
It is common to prove by reasoning over source code that programs do not leak sensitive data. But do...
Secure compilation is an emerging field that puts together advances in security, programming languag...
Modern-day imperative programming languages such as C++, C# and Java offer protection facilities suc...
Secure compilation aims to build compilation chains that preserve security properties when translati...
International audienceSecure compilation is a discipline aimed at developing compilers that preserve...
International audienceGood programming languages provide helpful abstractions for writing secure cod...
Secure compilers generate compiled code that withstands many target-level attacks such as alteration...
Modern programming languages provide helpful high-level abstractions and mechanisms (e.g. types, mod...
The most prominent formal criterion for secure compilation is full abstraction, the preservation and...
International audienceWe propose a new formal criterion for evaluating secure compilation schemes fo...
Severe low-level vulnerabilities abound in today's computer systems,allowing cyber-attackers to remo...
We map the space of soundness criteria for secure compilation based on the preservation of hyperprop...
Software is pervasive in our daily lives and we rely on it for many critical tasks. Despite the abun...
Abstract—There is a significant body of work devoted to testing, verifying, and certifying the corre...
International audienceCompartmentalization is good security-engineering practice. By breaking a larg...