The promise of software sandboxing is flexible, fast and portable isolation; capturing the
benefits of hardwarebased memory protection without requiring operating system …

Graphics Processing Units (GPUs) unlock emerging use cases like large language models
and autonomous driving. They process a large amount of sensitive data, where security is of …

WebAssembly makes it possible to run C/C++ applications on the web with near-native
performance. A WebAssembly program is expressed as a collection of higher-order ML-like …

We introduce Hardware-assisted Fault Isolation (HFI), a simple extension to existing
processors to support secure, flexible, and efficient in-process isolation. HFI addresses the …

This paper presents Half&Half, a novel software defense against branch-based side-
channel attacks. Half&Half isolates the effects of different protection domains on the …

Computations are now routinely delegated to third-parties. In response, Confidential
Computing technologies are being added to microprocessors offering a trusted execution …

Parser combinators are a well-known mechanism used for the compositional construction of
parsers, and have shown to be particularly useful in writing parsers for rich grammars with …

Formal verification is a promising technique to ensure the reliability of low-level programs
like operating systems and hypervisors, since it can show the absence of whole classes of …

In this article, we present a derivative-based, functional recognizer and parser generator for
visibly pushdown grammars. The generated parser accepts ambiguous grammars and …

Formally verified correctness is one of the most desirable properties of software systems.
Despite great progress made toward verification via interactive proof assistants, such as Coq …