The
Silent
Tower

Sébastien Michelland's Ph.D defense#

I'll be defending my Ph.D, “Compilation beyond semantics for hardware security” on Friday, October 24th, 2025 at 14:00 CEST. The defense will be in English (both slides and spoken).

• Manuscript PDF (close-to-final version)

Attending the defense#

The defense will take place at Laboratoire de Conception et d'Intégration des Systèmes (LCIS) which is located at 50 rue Barthelemy de Laffemas, 26000 Valence. Here's how to get there. We will be in room D030 at the ground floor of building D, just on the right at the main entrance.

There will also be a remote broadcast:

• Videoconference room: https://grenoble-inp.zoom.us/j/95193067369
• Password: 723178

Jury#

The jury will be composed of:

• Albert Cohen, Directeur de Recherche, Google: Examiner
• Christophe Deleuze, Maître de Conférences, Grenoble INP–UGA: Thesis co-advisor
• Laure Gonnord, Professeure des Universités, Grenoble INP–UGA: Thesis advisor
• Daniel Gruss, University Professor, Graz University of Technology: Examiner
• Jens Gustedt, Directeur de Recherche, Centre Inria de l’Université de Lorraine: Reviewer
• Karine Heydemann, Docteure en Sciences HDR, Thalès DIS: Reviewer
• Marie-Laure Potet, Professeure des Universités Emérite, Grenoble INP–UGA: Examiner
• Isabelle Puaut, Professeure des Universités, Université de Rennes: Examiner

Abstract#

Because of their deployment in the field, embedded systems are exposed to tricky physical attacks. For instance, fault injections induce abnormal behaviors in the system by interfering with circuits (through signals, power, or otherwise—anything goes). They pose a major threat that's not just random defect-induced faults but targeted, engineered attacks that can slip through even minor cracks.

Countermeasures, when they exist, rely on minute control of hardware, software, or both. But just controlling the software layers, spanning from high-level application code typically in C to assembler code, is difficult. It's well understood that compiling programs can destroy the software components of security countermeasures. For instance, it makes sense to run sensitive computations twice to check for errors induced by faults, but since this has no effect in the programming language's fault-free semantics, the compiler is free (and programmed) to remove duplicates.

This thesis analyzes this friction between security countermeasures against hardware attacks (mostly fault injections) and the compilation of C code. It shows that the entire compilation chain is involved in security violations, from optimizations to lowerings to semantic subtleties of intermediate languages. Its main product is Tracing LLVM, a lightweight open-source extension of LLVM which enriches the interface between program and compiler to facilitate the implementation and preservation of security countermeasures.

This thesis was prepared at the LCIS lab in the CTSYS, and benefited from the local expertise in hardware design and fault injection.

Image based on a design on Freepik.