The compiler is a central component in the chain of software production because it is in charge of the production of executable code from source code. Contemporary compilers are highly complex pieces of software, able to target many programming languages and many complex architectures. Compilers involve program optimisations that usually target the execution time, which is in itself a challenging task. In this session, we will present some of the code transformations that a compiler is able to apply to a program. We will show that the compiler can break the protection mechanisms involved in your secured program: we will illustrate how some countermeasures against physical attacks may be broken by the compiler.
Damien Couroussé is a research engineer at CEA (Commissariat à l’Énergie Atomique et aux Énergies Renouvelables) since 2011. He received his PhD degree in 2008 a PhD from INPG (Institut National Polytechnique de Grenoble) in Engineering of Cognition Creation and Learning, working on embedded computing architectures for virtual reality and mutisensory systems, and spent two years in the industry at Logica CMG as an expert in Linux and embedded systems. His research focus on compilation and runtime code generation for performance and cybersecurity. He has contributed to several European collaborative projects, and is coordinator of the COGITO project (ANR INS 2013).