diff --git a/src/experiments/l4-sys/CMakeLists.txt b/src/experiments/l4-sys/CMakeLists.txt
index 98af5259..e74625fb 100644
--- a/src/experiments/l4-sys/CMakeLists.txt
+++ b/src/experiments/l4-sys/CMakeLists.txt
@@ -14,6 +14,8 @@ set(MY_CAMPAIGN_SRCS
 	experiment.cc
 	campaign.hpp
 	campaign.cc
+	UDIS86.hpp
+	UDIS86.cc
 )
 
 #### PROTOBUFS ####
diff --git a/src/experiments/l4-sys/UDIS86.cc b/src/experiments/l4-sys/UDIS86.cc
new file mode 100644
index 00000000..f11220bd
--- /dev/null
+++ b/src/experiments/l4-sys/UDIS86.cc
@@ -0,0 +1,60 @@
+#include "sal/bochs/BochsController.hpp"
+#include "UDIS86.hpp"
+
+using namespace fail;
+
+Udis86::Udis86(const unsigned char *instr, size_t size) {
+	// initialise the buffer
+	unsigned char *udis_instr = static_cast<unsigned char*>(malloc(size));
+	memcpy(udis_instr, instr, size);
+
+	// initialise the internal data structure
+	memset(&ud_obj, 0, sizeof(ud_t));
+	ud_init(&ud_obj);
+
+	// assign the buffer to the data structure
+	ud_set_input_buffer(&ud_obj, udis_instr, size);
+
+	// free the buffer
+	free(udis_instr);
+}
+
+bool Udis86::fetchNextInstruction() {
+	return (ud_disassemble(&ud_obj) > 0);
+}
+
+GPRegisterId Udis86::udisGPRToFailBochsGPR(ud_type_t udisReg) {
+#define REG_CASE(REG) case UD_R_##REG: return RID_##REG
+	switch (udisReg) {
+#if BX_SUPPORT_X86_64 // 64 bit register id's:
+	REG_CASE(RAX);
+	REG_CASE(RCX);
+	REG_CASE(RDX);
+	REG_CASE(RBX);
+	REG_CASE(RSP);
+	REG_CASE(RBP);
+	REG_CASE(RSI);
+	REG_CASE(RDI);
+	REG_CASE(R8);
+	REG_CASE(R9);
+	REG_CASE(R10);
+	REG_CASE(R11);
+	REG_CASE(R12);
+	REG_CASE(R13);
+	REG_CASE(R14);
+	REG_CASE(R15);
+#else
+	REG_CASE(EAX);
+	REG_CASE(ECX);
+	REG_CASE(EDX);
+	REG_CASE(EBX);
+	REG_CASE(ESP);
+	REG_CASE(EBP);
+	REG_CASE(ESI);
+	REG_CASE(EDI);
+#endif
+	default:
+		return RID_LAST_GP_ID;
+	}
+#undef REG_CASE
+}
diff --git a/src/experiments/l4-sys/UDIS86.hpp b/src/experiments/l4-sys/UDIS86.hpp
new file mode 100644
index 00000000..9946961a
--- /dev/null
+++ b/src/experiments/l4-sys/UDIS86.hpp
@@ -0,0 +1,41 @@
+#ifndef __UDIS86_HPP__
+  #define __UDIS86_HPP__
+
+#include <udis86.h>
+#include "sal/bochs/BochsRegister.hpp"
+
+/**
+ * \class Udis86
+ *
+ * \brief Class to disassemble instructions
+ *
+ * This class disassembles a stream of machine code instruction
+ * by instruction.
+ * It provides a (thin) wrapper around the C API of UDIS86.
+ */
+class Udis86
+{
+private:
+	ud_t ud_obj; //<! the ud object of udis86
+public:
+	Udis86(const unsigned char *instr, size_t size);
+	/**
+	 * retrieves the private ud structure of udis86
+	 * @returns a reference pointer to a ud_t variable
+	 */
+	inline const ud_t &getCurrentState() const { return ud_obj; }
+	/**
+	 * Tries to decode the next instruction from the given buffer.
+	 * @returns \c true if a new instruction could be retrieved, \c false if the object has expired
+	 */
+	bool fetchNextInstruction();
+	/**
+	 * Returns the FailBochs equivalent to a UDIS86 GPR identifier.
+	 * Attention: this only returns either 32-bit or 64-bit registers, no general IDs
+	 * @param udisReg the udis86 GPR ID
+	 * @returns the FailBochs GPR ID, usable with the BochsRegisterManager class
+	 */
+	static fail::GPRegisterId udisGPRToFailBochsGPR(ud_type_t udisReg);
+};
+
+#endif // __UDIS86_HPP__
diff --git a/src/experiments/l4-sys/experiment.cc b/src/experiments/l4-sys/experiment.cc
index a34b34b5..157f831c 100644
--- a/src/experiments/l4-sys/experiment.cc
+++ b/src/experiments/l4-sys/experiment.cc
@@ -9,6 +9,7 @@
 #include "experiment.hpp"
 #include "experimentInfo.hpp"
 #include "UDIS86.hpp"
+#include "campaign.hpp"
 
 #include "sal/SALConfig.hpp"
 #include "sal/SALInst.hpp"
diff --git a/src/experiments/l4-sys/experiment.hpp b/src/experiments/l4-sys/experiment.hpp
index 01347c1a..d83ad939 100644
--- a/src/experiments/l4-sys/experiment.hpp
+++ b/src/experiments/l4-sys/experiment.hpp
@@ -5,9 +5,10 @@
 
 #include "efw/ExperimentFlow.hpp"
 #include "efw/JobClient.hpp"
-#include "campaign.hpp"
 #include "util/Logger.hpp"
 
+class L4SysExperimentData;
+
 class L4SysExperiment : public fail::ExperimentFlow {
 	fail::JobClient m_jc;
 public: