Secure Compilation Marco Patrignani & Michael Backes


Currently, no news are available

Secure Compilation (Seminar)

This seminar will explore the nascent field of secure compilation.

The goal of secure compilation is to compile programs so as to preserve source security properties like data confidentiality and code integrity. This is challenging because attackers operating at the level of the compiler output are inherently more powerful than attackers in the source language.

This seminar will describe correctness criteria for secure compilation, specific instances of secure compilers as well as proof techniques for secure compilation.

Correctness criteria define that a compiler is secure. The seminar will explain why can we be sure that a criterion has any security meaning, i.e., what kinds of attacks can be defended against (and which not). Secondly, the seminar will discuss specific instances of secure compilers and how they achieve security, i.e., what mechanism (types, crypto, security architecture, etc.) do these compilers exploit to realise one of the presented criteria. Finally the seminar will cover basic proof techniques for secure compilation, i.e., how do you formally prove that a compiler is secure. 

More details on the course structure will be provided soon.

This is not a standard seminar, it includes Lectures.
The course will combine paper reading (at home), round table discussions with student presentations (in class, roughly 1 every week), as well as lectures (in class, in between presentations) to enable participants to understand the material fully. While the normal workload for a seminar is 60 hours classes + 150 hours homework, the lectures shift the level the workload to 80 - 130.
Students are expected to have some background in programming language semantics though lectures will also cover this, so it is not mandatory. No background in security is expected. 

Registration and Attendance

Registration for the course is mandatory, course registration is currently closed, you should first register at this page:  (if the site is down, don't worry, it'll be up soon)

After you register at that url, please send an email to the lecturer (see below), explaining your background in programming languages and security as well as the department and program (Bachelors, Masters, PhD) in which you are enrolled. Indicate whether or not you would like UdS credits for the course. Like all seminars, the final list for the course will be decided at the beginning of the semester.
During the first two weeks (20/04 is the last day), if you are registered you can drop the seminar with no consequences, but you must notify the lecturer. On the contrary, if you stay longer, or if you do not notify the lecturer, then you fail.

The seminar can host up to 13 students.

Non-credit participation is welcome.
Attendance is mandatory for getting credit hours. If for any reason you cannot attend, notify the lecturer in time. Absence for sickness is of course tolerated, though a proper medical note must be provided (and notification is anyway needed).

Location, Time Slot and Lecturer

Location: CISPA, campus E9 1, Floor 2, room 22 (so: 2.22).

Time Slot: We'll see to accommodate 2 slots for 2 hours each week, more information will follow soon.
The first lecture is on 12/04/2018 from 12:00 to 14:00 in the designated location.
The last lecture will be on 12/07/2018.

Please note that the schedule may vary depending on student registration and will be finalised once the students have enrolled.

Lecturer: Dr. Marco Patrignani (see homepage for details)

Assistant: Akram El-Korashy (see homepage for details)

Evaluation and Grading

For each paper every student will provide a paper summary to the lecturer and then one student will lead the discussion. The rest of the class will be the audience, providing questions, answers and clarifications.

Thus, a student's grade is split accordingly:

  • paper presentation (**) 10-30 %
  • paper summaries (see guidelines below): 50%
  • in-class participation: 20%
  • additional work: 0-20% (typically not required)

(**) Please note that not all papers are equal. Certain papers require more effort and therefore they can lead to a higher score (see the range in the candidate evaluation). These papers are marked with the tag [advanced] in the list below. If you wanted an advanced paper but none are available, you can contact the lecturer for additional work such as presenting a lecture on a sub-topic of an advanced paper.


Good paper summaries must include the following and be concise while retaining clarity. 

  • Context and Background: What is the domain of the work? Is there any basic concept to mention for understanding the paper?
  • Problem: What is the problem being addressed in the paper? Why is a difficult problem? (Problem Statement and Challenges) Why did the authors decide to consider it? (Motivation) 
  • Main Idea: What is the main idea of the authors presented in the paper? 
  • Contribution: How does this paper advance the state of the art? What is exactly new and valuable in the paper?
  • Evaluation: Precisely describe the languages, compiler and proof techniques adopted by the authors.
  • Pros and Cons: Provide your opinion about what you think is good about the paper and what are the weaknesses. Likewise, report any limitation and possible ideas for improving the paper.


List of Papers

This is the list of papers you should pick from:

  • TBA once the attendants list is known


Class Outline

If you encounter technical problems, please contact the administrators