The maturation of the Web platform has given rise to sophisticated and demanding Web
applications such as interactive 3D visualization, audio and video software, and games. With …

Complete formal verification is the only known way to guarantee that a system is free of
programming errors. We present our experience in performing the formal, machine-checked …

This paper presents S2E, a platform for analyzing the properties and behavior of software
systems. We demonstrate S2E's use in developing practical tools for comprehensive …

We present an in-depth coverage of the comprehensive machine-checked formal verification
of seL4, a general-purpose operating system microkernel. We discuss the kernel design we …

TrustZone-based Real-time Kernel Protection (TZ-RKP) is a novel system that provides real-
time protection of the OS kernel using the ARM TrustZone secure world. TZ-RKP is more …

The serious bugs and security vulnerabilities facilitated by C/C++'s lack of bounds checking
are well known, yet C and C++ remain in widespread use. Unfortunately, C's arbitrary …

We propose SecVisor, a tiny hypervisor that ensures code integrity for commodity OS
kernels. In particular, SecVisor ensures that only user-approved code can execute in kernel …

We present a new system, KCoFI, that is the first we know of to provide complete Control-
Flow Integrity protection for commodity operating systems without using heavyweight …

When protecting a computer system, it is often necessary to isolate an untrusted component
into a separate protection domain and provide only controlled interaction between the …

Attacks that exploit out-of-bounds errors in C and C++ programs are still prevalent despite
many years of research on bounds checking. Previous backwards compatible bounds …