Formal approaches to secure compilation: A survey of fully abstract compilation and related work
Secure compilation is a discipline aimed at developing compilers that preserve the security
properties of the source programs they take as input in the target programs they produce as …
TrustLite: A security architecture for tiny embedded devices
Embedded systems are increasingly pervasive, interdependent and in many cases critical to
our every day life and safety. Tiny devices that cannot afford sophisticated hardware security …
Sancus: Low-cost trustworthy extensible networked devices with a zero-software trusted computing base
In this paper we propose Sancus, a security architecture for networked embedded devices.
Sancus supports extensibility in the form of remote (even third-party) software installation on …
Sancus 2.0: A low-cost security architecture for IoT devices
The Sancus security architecture for networked embedded devices was proposed in 2013 at
the USENIX Security conference. It supports remote (even third-party) software installation …
Silent Bugs Matter: A Study of Compiler-Introduced Security Bugs
Compilers assure that any produced optimized code is semantically equivalent to the
original code. However, even "correct" compilers may introduce security bugs as security …
Journey beyond full abstraction: Exploring robust property preservation for secure compilation
Good programming languages provide helpful abstractions for writing secure code, but the
security properties of the source language are generally not preserved when compiling a …
Ariadne: A minimal approach to state continuity
Protected-module architectures such as Intel SGX provide strong isolation guarantees to
sensitive parts of applications while the system is up and running. Unfortunately systems in …
Secure compilation to protected module architectures
A fully abstract compiler prevents security features of the source language from being
bypassed by an attacker operating at the target language level. Unfortunately, developing …
Fully abstract compilation to JavaScript
Many tools allow programmers to develop applications in high-level languages and deploy
them in web browsers via compilation to JavaScript. While practical and widely used, these …
Fides: Selectively hardening software application components against kernel-level or process-level malware
Protecting commodity operating systems against software exploits is known to be
challenging, because of their sheer size. The same goes for key software applications such …