PatchLens recovers compact Boolean predicates (VICs) over configuration options for vulnerabilities from patch analysis in C/C++ systems, showing most vulnerabilities affect only subsets of variants and CVE texts rarely encode the options.
Spectre attacks: Exploit- ing speculative execution
4 Pith papers cite this work. Polarity classification is still indexing.
citation-role summary
citation-polarity summary
years
2026 4verdicts
UNVERDICTED 4roles
background 1polarities
background 1representative citing papers
A sound and complete deductive system for relative trace equality based on relative bisimulation is introduced, formalized in Rocq, and demonstrated on two contract satisfaction proofs.
MIPSBLEED uncovers timing leaks in L1 data cache, L1 instruction cache, and execution engine of SMT-enabled MIPS processors and demonstrates a single-trace key recovery attack on elliptic curve cryptography.
Systematizes constant time models, identifies a specification gap in private key loading, and confirms timing leaks in OpenSSL and BoringSSL where BoringSSL leaks more strongly despite a stricter model.
citing papers explorer
-
Automated Detection of Configuration-Specific Security Vulnerabilities via Patch Analysis
PatchLens recovers compact Boolean predicates (VICs) over configuration options for vulnerabilities from patch analysis in C/C++ systems, showing most vulnerabilities affect only subsets of variants and CVE texts rarely encode the options.
-
A Deductive System for Contract Satisfaction Proofs
A sound and complete deductive system for relative trace equality based on relative bisimulation is introduced, formalized in Rocq, and demonstrated on two contract satisfaction proofs.
-
MIPSBLEED: Uncovering Microarchitectural Timing Leaks in Pervasive Embedded Processors
MIPSBLEED uncovers timing leaks in L1 data cache, L1 instruction cache, and execution engine of SMT-enabled MIPS processors and demonstrates a single-trace key recovery attack on elliptic curve cryptography.
-
SoK: The Constant Time Model
Systematizes constant time models, identifies a specification gap in private key loading, and confirms timing leaks in OpenSSL and BoringSSL where BoringSSL leaks more strongly despite a stricter model.