{"id":"https://openalex.org/W3215900204","doi":"https://doi.org/10.1145/3498886.3502202","title":"Semi-automatic ladderisation: improving code security through rewriting and dependent types","display_name":"Semi-automatic ladderisation: improving code security through rewriting and dependent types","publication_year":2022,"publication_date":"2022-01-12","ids":{"openalex":"https://openalex.org/W3215900204","doi":"https://doi.org/10.1145/3498886.3502202","mag":"3215900204"},"language":"en","primary_location":{"id":"doi:10.1145/3498886.3502202","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3498886.3502202","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2022 ACM SIGPLAN International Workshop on Partial Evaluation and Program Manipulation","raw_type":"proceedings-article"},"type":"preprint","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5063492775","display_name":"Christopher Brown","orcid":"https://orcid.org/0000-0001-6030-2885"},"institutions":[{"id":"https://openalex.org/I16835326","display_name":"University of St Andrews","ror":"https://ror.org/02wn5qz54","country_code":"GB","type":"education","lineage":["https://openalex.org/I16835326"]}],"countries":["GB"],"is_corresponding":true,"raw_author_name":"Christopher Brown","raw_affiliation_strings":["University of St. Andrews, UK","School of Computer Science [University of St Andrews]"],"affiliations":[{"raw_affiliation_string":"University of St. Andrews, UK","institution_ids":["https://openalex.org/I16835326"]},{"raw_affiliation_string":"School of Computer Science [University of St Andrews]","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5056270312","display_name":"Adam D. Barwell","orcid":"https://orcid.org/0000-0003-1236-7160"},"institutions":[{"id":"https://openalex.org/I16835326","display_name":"University of St Andrews","ror":"https://ror.org/02wn5qz54","country_code":"GB","type":"education","lineage":["https://openalex.org/I16835326"]},{"id":"https://openalex.org/I47508984","display_name":"Imperial College London","ror":"https://ror.org/041kmwe10","country_code":"GB","type":"education","lineage":["https://openalex.org/I47508984"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Adam D. Barwell","raw_affiliation_strings":["University of St. Andrews, UK / Imperial College London, UK","Imperial College London","School of Computer Science [University of St Andrews]"],"affiliations":[{"raw_affiliation_string":"University of St. Andrews, UK / Imperial College London, UK","institution_ids":["https://openalex.org/I47508984","https://openalex.org/I16835326"]},{"raw_affiliation_string":"Imperial College London","institution_ids":["https://openalex.org/I47508984"]},{"raw_affiliation_string":"School of Computer Science [University of St Andrews]","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5038018991","display_name":"Yoann Marquer","orcid":"https://orcid.org/0000-0002-4607-967X"},"institutions":[{"id":"https://openalex.org/I1326498283","display_name":"Institut national de recherche en sciences et technologies du num\u00e9rique","ror":"https://ror.org/02kvxyf05","country_code":"FR","type":"government","lineage":["https://openalex.org/I1326498283"]}],"countries":["FR"],"is_corresponding":false,"raw_author_name":"Yoann Marquer","raw_affiliation_strings":["Inria, France","Diversity-centric Software Engineering","Threat Analysis and Mitigation for Information Security"],"affiliations":[{"raw_affiliation_string":"Inria, France","institution_ids":["https://openalex.org/I1326498283"]},{"raw_affiliation_string":"Diversity-centric Software Engineering","institution_ids":[]},{"raw_affiliation_string":"Threat Analysis and Mitigation for Information Security","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5009915982","display_name":"Olivier Zendra","orcid":"https://orcid.org/0000-0001-6830-2572"},"institutions":[{"id":"https://openalex.org/I1326498283","display_name":"Institut national de recherche en sciences et technologies du num\u00e9rique","ror":"https://ror.org/02kvxyf05","country_code":"FR","type":"government","lineage":["https://openalex.org/I1326498283"]}],"countries":["FR"],"is_corresponding":false,"raw_author_name":"Olivier Zendra","raw_affiliation_strings":["Inria, France","Threat Analysis and Mitigation for Information Security","Diversity-centric Software Engineering"],"affiliations":[{"raw_affiliation_string":"Inria, France","institution_ids":["https://openalex.org/I1326498283"]},{"raw_affiliation_string":"Threat Analysis and Mitigation for Information Security","institution_ids":[]},{"raw_affiliation_string":"Diversity-centric Software Engineering","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5076458826","display_name":"Tania Richmond","orcid":"https://orcid.org/0000-0003-0189-4272"},"institutions":[{"id":"https://openalex.org/I1326498283","display_name":"Institut national de recherche en sciences et technologies du num\u00e9rique","ror":"https://ror.org/02kvxyf05","country_code":"FR","type":"government","lineage":["https://openalex.org/I1326498283"]}],"countries":["FR"],"is_corresponding":false,"raw_author_name":"Tania Richmond","raw_affiliation_strings":["Inria, France / DGA, France","Diversity-centric Software Engineering","Threat Analysis and Mitigation for Information Security","DGA Ma\u00eetrise de l'information"],"affiliations":[{"raw_affiliation_string":"Inria, France / DGA, France","institution_ids":["https://openalex.org/I1326498283"]},{"raw_affiliation_string":"Diversity-centric Software Engineering","institution_ids":[]},{"raw_affiliation_string":"Threat Analysis and Mitigation for Information Security","institution_ids":[]},{"raw_affiliation_string":"DGA Ma\u00eetrise de l'information","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5050719534","display_name":"Chen Gu","orcid":"https://orcid.org/0000-0001-7943-1468"},"institutions":[{"id":"https://openalex.org/I16365422","display_name":"Hefei University of Technology","ror":"https://ror.org/02czkny70","country_code":"CN","type":"education","lineage":["https://openalex.org/I16365422"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Chen Gu","raw_affiliation_strings":["Hefei University of Technology, China","Hefei University of Technology"],"affiliations":[{"raw_affiliation_string":"Hefei University of Technology, China","institution_ids":["https://openalex.org/I16365422"]},{"raw_affiliation_string":"Hefei University of Technology","institution_ids":["https://openalex.org/I16365422"]}]}],"institutions":[],"countries_distinct_count":3,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5063492775"],"corresponding_institution_ids":["https://openalex.org/I16835326"],"apc_list":null,"apc_paid":null,"fwci":0.5553,"has_fulltext":false,"cited_by_count":4,"citation_normalized_percentile":{"value":0.70557454,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":96},"biblio":{"volume":null,"issue":null,"first_page":"14","last_page":"27"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10951","display_name":"Cryptographic Implementations and Security","score":0.998199999332428,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8142502307891846},{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.7417282462120056},{"id":"https://openalex.org/keywords/rewriting","display_name":"Rewriting","score":0.7239100933074951},{"id":"https://openalex.org/keywords/information-leakage","display_name":"Information leakage","score":0.5838240385055542},{"id":"https://openalex.org/keywords/code","display_name":"Code (set theory)","score":0.5746418833732605},{"id":"https://openalex.org/keywords/cryptography","display_name":"Cryptography","score":0.5481642484664917},{"id":"https://openalex.org/keywords/encryption","display_name":"Encryption","score":0.5339953303337097},{"id":"https://openalex.org/keywords/source-code","display_name":"Source code","score":0.4875614047050476},{"id":"https://openalex.org/keywords/class","display_name":"Class (philosophy)","score":0.46094071865081787},{"id":"https://openalex.org/keywords/side-channel-attack","display_name":"Side channel attack","score":0.4482814371585846},{"id":"https://openalex.org/keywords/theoretical-computer-science","display_name":"Theoretical computer science","score":0.4440980851650238},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4392925202846527},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.43028926849365234},{"id":"https://openalex.org/keywords/cryptographic-primitive","display_name":"Cryptographic primitive","score":0.4239577651023865},{"id":"https://openalex.org/keywords/cryptographic-protocol","display_name":"Cryptographic protocol","score":0.2753831148147583},{"id":"https://openalex.org/keywords/set","display_name":"Set (abstract data type)","score":0.10998636484146118}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8142502307891846},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.7417282462120056},{"id":"https://openalex.org/C154690210","wikidata":"https://www.wikidata.org/wiki/Q1668499","display_name":"Rewriting","level":2,"score":0.7239100933074951},{"id":"https://openalex.org/C2779201187","wikidata":"https://www.wikidata.org/wiki/Q2775060","display_name":"Information leakage","level":2,"score":0.5838240385055542},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.5746418833732605},{"id":"https://openalex.org/C178489894","wikidata":"https://www.wikidata.org/wiki/Q8789","display_name":"Cryptography","level":2,"score":0.5481642484664917},{"id":"https://openalex.org/C148730421","wikidata":"https://www.wikidata.org/wiki/Q141090","display_name":"Encryption","level":2,"score":0.5339953303337097},{"id":"https://openalex.org/C43126263","wikidata":"https://www.wikidata.org/wiki/Q128751","display_name":"Source code","level":2,"score":0.4875614047050476},{"id":"https://openalex.org/C2777212361","wikidata":"https://www.wikidata.org/wiki/Q5127848","display_name":"Class (philosophy)","level":2,"score":0.46094071865081787},{"id":"https://openalex.org/C49289754","wikidata":"https://www.wikidata.org/wiki/Q2267081","display_name":"Side channel attack","level":3,"score":0.4482814371585846},{"id":"https://openalex.org/C80444323","wikidata":"https://www.wikidata.org/wiki/Q2878974","display_name":"Theoretical computer science","level":1,"score":0.4440980851650238},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4392925202846527},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.43028926849365234},{"id":"https://openalex.org/C15927051","wikidata":"https://www.wikidata.org/wiki/Q246593","display_name":"Cryptographic primitive","level":4,"score":0.4239577651023865},{"id":"https://openalex.org/C33884865","wikidata":"https://www.wikidata.org/wiki/Q1254335","display_name":"Cryptographic protocol","level":3,"score":0.2753831148147583},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.10998636484146118},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.0}],"mesh":[],"locations_count":4,"locations":[{"id":"doi:10.1145/3498886.3502202","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3498886.3502202","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2022 ACM SIGPLAN International Workshop on Partial Evaluation and Program Manipulation","raw_type":"proceedings-article"},{"id":"pmh:oai:research-repository.st-andrews.ac.uk:10023/24384","is_oa":false,"landing_page_url":"http://hdl.handle.net/10023/24384","pdf_url":null,"source":{"id":"https://openalex.org/S4306400230","display_name":"St Andrews Research Repository (St Andrews Research Repository)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I16835326","host_organization_name":"University of St Andrews","host_organization_lineage":["https://openalex.org/I16835326"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"acceptedVersion","is_accepted":true,"is_published":false,"raw_source_name":"","raw_type":"Conference item"},{"id":"pmh:oai:research-repository.st-andrews.ac.uk:10023/24797","is_oa":false,"landing_page_url":"https://hdl.handle.net/10023/24797","pdf_url":null,"source":{"id":"https://openalex.org/S4306400230","display_name":"St Andrews Research Repository (St Andrews Research Repository)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I16835326","host_organization_name":"University of St Andrews","host_organization_lineage":["https://openalex.org/I16835326"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"acceptedVersion","is_accepted":true,"is_published":false,"raw_source_name":null,"raw_type":"Conference item"},{"id":"pmh:oai:HAL:hal-03805561v1","is_oa":false,"landing_page_url":"https://inria.hal.science/hal-03805561","pdf_url":null,"source":{"id":"https://openalex.org/S4406922461","display_name":"SPIRE - Sciences Po Institutional REpository","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"PEPM 2022 - ACM SIGPLAN International Workshop on Partial Evaluation and Program Manipulation, Jan 2022, Philadelphia PA, United States. pp.14-27, &#x27E8;10.1145/3498886.3502202&#x27E9;","raw_type":"Conference papers"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.7599999904632568,"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16"}],"awards":[{"id":"https://openalex.org/G4722879663","display_name":null,"funder_award_id":"EP/V006290/1","funder_id":"https://openalex.org/F4320334627","funder_display_name":"Engineering and Physical Sciences Research Council"},{"id":"https://openalex.org/G6387785971","display_name":null,"funder_award_id":"779882","funder_id":"https://openalex.org/F4320332999","funder_display_name":"Horizon 2020 Framework Programme"}],"funders":[{"id":"https://openalex.org/F4320332999","display_name":"Horizon 2020 Framework Programme","ror":"https://ror.org/00k4n6c32"},{"id":"https://openalex.org/F4320334627","display_name":"Engineering and Physical Sciences Research Council","ror":"https://ror.org/0439y7842"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":31,"referenced_works":["https://openalex.org/W1562542037","https://openalex.org/W1786490218","https://openalex.org/W1971605365","https://openalex.org/W2023299380","https://openalex.org/W2036378739","https://openalex.org/W2043100293","https://openalex.org/W2111662649","https://openalex.org/W2121043529","https://openalex.org/W2128771831","https://openalex.org/W2145108549","https://openalex.org/W2311942676","https://openalex.org/W2478327424","https://openalex.org/W2480510614","https://openalex.org/W2483894624","https://openalex.org/W2498906313","https://openalex.org/W2728028396","https://openalex.org/W2734797515","https://openalex.org/W2769069578","https://openalex.org/W2795159915","https://openalex.org/W2904694895","https://openalex.org/W2964566644","https://openalex.org/W2976028879","https://openalex.org/W3010585845","https://openalex.org/W3035097735","https://openalex.org/W3037700620","https://openalex.org/W3038458024","https://openalex.org/W4232836212","https://openalex.org/W4237535870","https://openalex.org/W4298016935","https://openalex.org/W6677752811","https://openalex.org/W6749358997"],"related_works":["https://openalex.org/W2769734684","https://openalex.org/W2022533428","https://openalex.org/W2580249689","https://openalex.org/W2103519941","https://openalex.org/W2969678054","https://openalex.org/W1796231437","https://openalex.org/W2903787673","https://openalex.org/W3158338108","https://openalex.org/W2584285084","https://openalex.org/W2035197528"],"abstract_inverted_index":{"Cyber":[0],"attacks":[1],"become":[2],"more":[3,5,102],"and":[4],"prevalent":[6],"every":[7],"day.":[8],"One":[9],"type":[10],"of":[11,30,59,72,84,116,181,188,196,205],"cyber":[12],"attack":[13],"is":[14],"known":[15],"as":[16,43],"a":[17,31,82,109,124,194,203],"side":[18],"channel":[19],"attack,":[20],"where":[21],"attackers":[22],"exploit":[23],"information":[24],"leakage":[25],"from":[26,208],"the":[27,57,70,87,114,130,157,186,209],"physical":[28],"execution":[29],"program,":[32],"e.g.":[33],"timing":[34],"or":[35,46,76],"power":[36],"leakage,":[37],"to":[38,68,99],"uncover":[39],"secret":[40],"information,":[41],"such":[42],"encryption":[44],"keys":[45],"other":[47],"sensitive":[48],"data.":[49],"There":[50],"have":[51],"been":[52],"various":[53,66],"attempts":[54],"at":[55,129],"addressing":[56],"problem":[58],"preventing":[60],"side-channel":[61],"attacks,":[62],"often":[63,90],"relying":[64],"on":[65,113,172,202],"measures":[67],"decrease":[69],"discernibility":[71],"several":[73],"code":[74,77,159],"variants":[75],"paths.":[78],"Most":[79],"techniques":[80],"require":[81],"high-degree":[83],"expertise":[85],"by":[86,119,165],"developer,":[88,132],"who":[89],"employs":[91],"ad":[92],"hoc,":[93],"hand-crafted":[94],"code-patching":[95],"in":[96],"an":[97,166],"attempt":[98],"make":[100],"it":[101],"secure.":[103],"In":[104],"this":[105],"paper,":[106],"we":[107],"take":[108],"different":[110],"approach:":[111],"building":[112],"idea":[115],"ladderisation,":[117],"inspired":[118],"Montgomery":[120],"Ladders.":[121],"We":[122,198],"present":[123],"semi-automatic":[125],"tool-supported":[126],"technique,":[127],"aimed":[128],"non-specialised":[131],"which":[133],"refactors":[134],"(a":[135],"class":[136],"of)":[137],"C":[138,183],"programs":[139],"into":[140,160],"functionally":[141],"(and":[142],"even":[143],"algorithmically)":[144],"equivalent":[145,190],"counterparts":[146,192],"with":[147],"improved":[148],"security":[149],"properties.":[150],"Our":[151,175],"approach":[152,201],"provides":[153],"refactorings":[154],"that":[155],"transform":[156],"source":[158],"its":[161],"ladderised":[162,191],"equivalent,":[163],"driven":[164],"underlying":[167],"verified":[168],"rewrite":[169,176],"system,":[170],"based":[171],"dependent":[173],"types.":[174],"system":[177],"automatically":[178],"finds":[179],"rewritings":[180],"selected":[182],"expressions,":[184],"facilitating":[185],"production":[187],"their":[189],"for":[193],"subset":[195],"C.":[197],"demonstrate":[199],"our":[200],"number":[204],"representative":[206],"examples":[207],"cryptographic":[210],"domain,":[211],"showing":[212],"increased":[213],"security.":[214]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2024,"cited_by_count":1},{"year":2023,"cited_by_count":2}],"updated_date":"2026-04-05T17:49:38.594831","created_date":"2025-10-10T00:00:00"}