PLDI

A formally verified compiler is a compiler that comes with a machine-checked proof that no bug is introduced during compilation. This correctness property states that the compiler preserves the semantics of programs. Formally verified compilers ...

Logic Programming (LP) is considered to be relatively simple for non-programmers, and allows the developer to focus on developing facts and rules of a logical derivation, and not on algorithms. Secure multiparty computation (MPC) is a methodology that ...

Memory-trace Obliviousness (MTO) is a noninterference property: programs that enjoy it have neither explicit nor implicit information leaks, even when the adversary can observe the program counter and the address trace of memory accesses. Probabilistic ...

Types indexed with extra type-level information are a powerful tool for statically enforcing domain-specific security properties. In many cases, this extra information is runtime-irrelevant, and so it can be completely erased at compile-time without ...

Verification techniques have been applied to the design of secure protocols for decades. However, relatively few efforts have been made to ensure that verified designs are also implemented securely. Static code verification techniques offer one way to ...

It is easier than ever before to build complex web applications that handle sensitive user data. At same time, regulatory shifts have made data breaches more costly than ever before.

While starting Akita, I discovered just how difficult it is for ...

Reverse engineering unknown binary message formats is an important part of security research. Error detecting codes such as checksums and Cyclic Redundancy Check codes (CRCs) are commonly added to messages as a guard against corrupt or untrusted input. ...

Recent efforts have sought to design new smart contract programming languages that make writing blockchain programs safer. But programs on the blockchain are beholden only to the safety properties enforced by the blockchain itself: even the strictest ...