Speaker: Andrew Myers
Location: Soda 380
Date: September 8, 2023
Time: 11am-12pm PST
Title: Languages for easier and more secure hardware development
Hardware is the root of trust, but can we trust hardware? Recent hardware attacks, including against secure hardware enclaves such as SGX, suggest otherwise. Attacks that exploit speculative execution are particularly problematic. Defenses against these attacks have been proposed, but generally target only one part of the processor architecture, and are evaluated on an abstract model of the processor that may easily leave out security-critical details. To eliminate speculative vulnerabilities, security must be evaluated comprehensively across the processor design and at a level of abstraction low enough to expose vulnerabilities: the level of the hardware description language. This talk describes two innovations that point the way to a comprehensive solution to speculative vulnerabilities. First, I introduce PDL (Pipeline Description Language), a high-level hardware description language that makes it easy to reason about processor behavior while preserving low-level designer control. Second, I describe a new information-flow type system for hardware description languages that enables sound reasoning about speculative vulnerabilities, while permitting performance-critical speculation.
Andrew Myers is a Professor in the Department of Computer Science at Cornell University in Ithaca, NY. His research interests include computer security, programming languages, and distributed and persistent programming systems. His work on computer security has focused on practical, sound, expressive languages and systems for enforcing information security. He is on sabbatical this year and spending the fall at UC Berkeley.