Comparative evaluation of intermediate languages


Supervision: Tim Blazytko

Start date: as soon as pos­si­ble

Duration: 6 months

More details: [REIL] [RREIL] [BAP] [VEX]


Automated reasoning about binary programs is widely used for tasks such as vulnerability discovery, exploit generation and reverse engineering. To obtain results that are as accurate as possible, a precise description of the program semantics is required. Assembly code does not fulfil these qualifications, since it often modifies registers implicitly.

For this reason, assembly code is translated into a (platform-independent) intermediate language that represents implicit changes in an explicit manner. In dependence on the design and characteristics of an intermediate representation, some intermediate languages are more suitable for specific analysis tasks than others. That is one reason why there exist many binary program analysis frameworks that rely on different intermediate representations .

The thesis’ goal is to categorise and to compare different intermediate languages, such that their strength and weaknesses related to program analysis can be examined. For that purpose, the following steps are required:

  • developing criteria for comparing intermediate languages
  • elaborating the main characteristics of each intermediate language
  • working out the commonalities and differences between intermediate languages
  • examining the consequences for program analysis based on the commonalities and differences


  • knowledge of program analysis/reverse engineering
  • basic knowledge of intermediate languages is helpful
  • enjoying slightly more formal aspects of reverse engineering and exploitation