Our society, economy and national security are critically dependent on computers and computing devices. With a few hops, commodity computers and mobile phones can be connected to secret or sensitive information or to critical infrastructures. However, mainstream commodity computers have not been designed with security in mind, for the last three or more decades. Rather, they have been designed to improve performance, energy efficiency, cost or size, with security added on as an after-thought. While some specialized secure computers have been built, up to now, one had to sacrifice performance (or cost and convenience) for security. In this research, the PI plans to explore what is feasible if we allow ourselves a clean-slate design, where security is a first-class goal, on par with performance and other goals. The investigation will rethink computer architecture from first principles to significantly improve both the security and the performance of future computers.
The research has two thrusts: how to design computer architecture to enable more secure software and systems, and how to design computer hardware components that are themselves more trustworthy. The PI will develop a new threat-based design methodology for computer architecture, examining how to build security awareness into the design of each basic aspect of computing. New architectural foundations for secure processing, secure memories, secure caches, secure virtual memory translation, secure storage, and secure control flow will be developed. The research will focus on providing the cornerstones of security: Confidential and Integrity of critical information, and Availability, in the sense of resilient attestation and execution of security-critical tasks even when parts of the system may have been corrupted. The solutions will also consider hardware attacks, in addition to the software and network attacks considered by software security solutions and the current state-of-the-art hardware TPM (Trusted Platform Module) solution.
The intellectual contributions of this research will be new architectural foundations, and a new dimension of "threat-based design" in the research and development of all future computers. The broader impact of this research is to provide core security technology that can be built into commodity computing devices and their servers. These can be used in computer, communications, control, entertainment and embedded systems to build significantly more secure systems that will provide a leap forward in information and cyber security, benefiting our society.
