Second and Final Call for Presentations: PriSC 2022 @ POPL 2022

Call for Presentations: PriSC 2022 @ POPL 2022

The emerging field of secure compilation aims to preserve security

properties of programs when they have been compiled to low-level

languages such as assembly, where high-level abstractions don’t exist,

and unsafe, unexpected interactions with libraries, other programs,

the operating system and even the hardware are possible. For unsafe

source languages like C, secure compilation requires careful handling

of undefined source-language behavior (like buffer overflows and

double frees). Formally, secure compilation aims to protect high-level

language abstractions in compiled code, even against adversarial

low-level contexts, thus enabling sound reasoning about security in

the source language. A complementary goal is to keep the compiled code

efficient, often leveraging new hardware security features and

advances in compiler design. Other necessary components are

identifying and formalizing properties that secure compilers must

possess, devising efficient security mechanisms (both software and

hardware), and developing effective verification and proof techniques.

Research in the field thus puts together advances in compiler design,

programming languages, systems security, verification, and computer

architecture.

6th Workshop on Principles of Secure Compilation (PriSC 2022)

The Workshop on Principles of Secure Compilation (PriSC) is a relatively

new, informal 1-day workshop without any proceedings. The goal is to

bring together researchers interested in secure compilation and to

identify interesting research directions and open challenges. The 6th

edition of PriSC will be held on January 22, together with the ACM

SIGPLAN Symposium on Principles of Programming Languages (POPL), 2022.

We hope to hold the workshop in person with for support for dial-in

attendees.

Keynote

This year's keynote will be "BPF and Spectre: Mitigating transient

execution attacks", by Piotr Krysiuk (Symantec, Threat Hunter Team),

Benedict Schlüter (Ruhr University Bochum), and Daniel Borkmann (Isovalent,

co-maintainer eBPF).

Important Dates

* Thu 28 Oct 2021: Submission Deadline

* Thu 18 Nov 2021: Acceptance Notification

* Sat 22 Jan 2022: Workshop

Presentation Proposals and Attending the Workshop

Anyone interested in presenting at the workshop should submit an

extended abstract (up to 2 pages, details below) covering past,

ongoing, or future work. Any topic that could be of interest to secure

compilation is in scope. Secure compilation should be interpreted very

broadly to include any work in security, programming languages,

architecture, systems or their combination that can be leveraged to

preserve security properties of programs when they are compiled or to

eliminate low-level vulnerabilities. Presentations that provide a

useful outside view or challenge the community are also welcome. This

includes presentations on new attack vectors such as

microarchitectural side-channels, whose defenses could benefit from

compiler techniques.

Specific topics of interest include but are not limited to:

* Attacker models for secure compiler chains.

* Secure compiler properties: fully abstract compilation and similar

properties, memory safety, control-flow integrity, preservation of

safety, information flow and other (hyper-)properties against

adversarial contexts, secure multi-language interoperability.

* Secure interaction between different programming languages: foreign

function interfaces, gradual types, securely combining different

memory management strategies.

* Enforcement mechanisms and low-level security primitives: static

checking, program verification, typed assembly languages, reference

monitoring, program rewriting, software-based isolation/hiding

techniques (SFI, crypto-based, randomization-based,

OS/hypervisor-based), security-oriented architectural features such as

Intel’s SGX, MPX and MPK, capability machines, side-channel defenses,

object capabilities.

* Experimental evaluation and applications of secure compilers.

* Proof methods relevant to compilation: (bi)simulation, logical

relations, game semantics, trace semantics, multi-language semantics,

embedded interpreters.

* Formal verification of secure compilation chains (protection

mechanisms, compilers, linkers, loaders), machine-checked proofs,

translation validation, property-based testing.

Guidelines for Submitting Extended Abstracts

Extended abstracts should be submitted in PDF format and not exceed 2

pages (references not including). They should be formatted in

two-column layout, 10pt font, and be printable on A4 and US Letter

sized paper. We recommend using the new acmart LaTeX style in sigplan

mode.

Submissions are not anonymous and should provide sufficient detail to

be assessed by the program committee. Presentation at the workshop

does not preclude publication elsewhere.

Submission website: https://prisc22.hotcrp.com/

Program Committee

Owen Arden, UC Santa Cruz

Arthur Azevedo de Amorim, Carnegie Mellon University

Iulia Bastys, Chalmers University of Technology

Roberto Blanco, Max Planck Institute for Security and Privacy

Tegan Brennan, Stevens Institute of Technology

Matteo Busi, Università di Pisa - Dipartimento di Informatica

Sunjay Cauligi, University of California at San Diego

Marco Guarnieri, IMDEA Software Institute (co-chair)

Armaël Guéneau, Aarhus University

Johannes Kinder, Bundeswehr University Munich

Adrien Koutsos, INRIA Paris

Elisavet Kozyri, Arctic University of Norway

Scott Moore, Galois

Toby Murray, University of Melbourne

Andrew C. Myers, Cornell University

David Pichardie, Facebook

Jonathan Protzenko, Microsoft Research (co-chair)

Christine Rizkallah, UNSW Sydney

Zhong Shao, Yale University

Éric Tanter, University of Chile

Danfeng Zhang, Pennsylvania State University

Contact and More Information

You can find more information on the workshop website:

https://popl22.sigplan.org/home/prisc-2022

For questions please contact the workshop chairs, Jonathan Protzenko

<[email protected]> and Marco Guarnieri

<[email protected]>.