This project focuses on hardware features to improve the security of software systems. By refining the coarse-grained protections available in today's architectures, the project will aim to protect the integrity of individual software objects or components. The hardware mechanisms enforce tight controls on the execution of software components, which programmers can define to be as large as entire applications or as small as individual objects. The goal is to rapidly detect and recover from attacks that improperly access memory or take over the CPU. The approach also includes hardware-supervised recovery, to enable systems to return to normal operation after an attack and to protect the recovery process itself from attacks.
The benefits of this project include the ability to thwart a large class of attacks and the potential of developing more robust software systems in the future. Recovery, which has received somewhat less attention than attack prevention or detection, is especially important for embedded systems that do not have the luxury of intervention by human operators.
The project will be used to train graduate students and to feed material into graduate courses taught at the three participating universities. Modules will also be developed for use in K-12 education, with the aim of encouraging students to consider careers in computer science and engineering.