PLAS'23 Copenhagen Γ

The 18th Workshop on Programming Languages and Analysis for Security (PLAS 2023)

November 26, 2023 - Copenhagen, Denmark

PLAS provides a forum for exploring and evaluating the use of programming language and program analysis techniques for promoting security in the complete range of software systems, from compilers to machine-learned models and smart contracts. The workshop encourages proposals of new, speculative ideas, evaluations of new or known techniques in practical settings, and discussions of emerging threats and problems. We also host position papers that are radical, forward-looking, and lead to lively and insightful discussions influential to the future research at the intersection of programming languages and security.

The scope of PLAS includes, but is not limited to:

  • Language-based techniques for detecting and eliminating side-channel vulnerabilities
  • Programming language techniques and verification applied to security in other domains (e.g. adversarial learning and smart contracts)
  • Software isolation techniques (e.g., SFI and sandboxing) and compiler-based hardening techniques (e.g, secure compilation).
  • Compiler-based security mechanisms (e.g. security type systems) or runtime-based security mechanisms (e.g. inline reference monitors)
  • Techniques for discovering and detecting security vulnerabilities, including program (binary) analysis and fuzzing
  • Automated introduction and/or verification of security enforcement mechanisms
  • Language-based verification of security properties in software, including verification of cryptographic protocols
  • Specifying and enforcing security policies for information flow and access control
  • Model-driven approaches to security
  • Security concerns for Web programming languages
  • Language design for security in new domains such as cloud computing and IoT
  • Applications, case studies, and implementations of these techniques


Time Event
8:30 AM - 9:00 AM Registration and Welcome Coffee
9:00 AM - 10:00 AM Keynote Talk
Paper Presentations
10:00 AM - 10:30 AM Microarchitectural Side-Channel Mitigations for Serverless Applications.
Yayu Wang, University of British Columbia. Aastha Mehta, University of British Columbia.
10:30 AM - 11:00 AM Coffee Break
11:00 AM - 11:30 PM Mechanized Proofs of Masking Security.
Roberto Blanco, MPI-SP, Christian Doczkal, MPI-SP, Jakob Feldtkeller, Ruhr University Bochum, Tim Güneysu, Ruhr University Bochum, Catalin Hritcu, MPI-SP.
11:30 PM - 12:00 PM Secure Calling Conventions for CHERI Capability Machines in Practice (Work in Progress).
Elias Storme, KU Leuven, Sander Huyghebaert, Vrije Universiteit Brussel, Steven Keuchel, Vrije Universiteit Brussel, Thomas Van Strydonck, KU Leuven, Dominique Devriese, KU Leuven.
12:00 PM - 1:30 PM Lunch Break
1:30 PM - 3:00 PM Unstructured Research Discussion
3:00 PM - 3:30 PM Closing Remarks and Workshop Conclusion

Invited Speaker

Tamara Rezk


Call for Papers

We invite both short papers and long papers. For short papers, we especially encourage the submission of position papers that are likely to generate lively discussion as well as short papers covering ongoing and future work.

  • Full papers: There is no page limit on long papers. Papers in this category are expected to have relatively mature content. Papers that present promising preliminary and exploratory work, or recently published work are particularly welcome in this category. Long papers may receive longer talk slots at the workshop than short papers, depending on the number of accepted submissions.
  • Short papers: should be at most 2 pages long, plus as many pages as needed for references. Papers that present radical, open-ended and forward-looking ideas are particularly welcome in this category. Authors submitting papers in this category must prepend the phrase "Short Paper:" to the title of the submitted paper.

The workshop has no published workshop proceedings and there is no restriction on paper format other than the page limits stated above. Presenting a paper (either short or long) at the workshop does not preclude submission to or publication in other venues that are before, concurrent, or after the workshop. Papers presented at the workshop will be made available to workshop participants only.

Submissions will be made (in PDF format) via the following HotCRP instance:

Important Dates

Paper submission: October 20, 2023 Extended until October 23, 2023 AoE
Author notification: November 3, 2023
Workshop date: November 26, 2023

Program Committee

Fraser Brown


Klaus von Gleissenthall

(VU Amsterdam)

Limin Jia


Kristina Sojakova

(VU Amsterdam)

Ethan Cecchetti

(University of Wisconsin–Madison)

Alexa VanHattum

(Wellesley College)

Alex Ozdemir

(Stanford University)

Previous Meetings