
SaTC: CORE: Small: Language Abstractions for Reconfigurable Hardware Monitors on Manycore Architectures

$515,449 · FY2020 · CSE · NSF

Ohio University, Athens OH

Investigators

Abstract

Embedded system security is compromised when an attack exploits pre-existing software flaws in order to gain control of program behavior. Even when the software running on embedded hardware is trusted, an attacker can still insert malicious code when the program is running to compromise system security. Therefore, to mitigate such software attacks on embedded systems, it is critical that both hardware and software are holistically combined into an effective system architecture to safeguard and preserve our nation’s interests. This project will systematically and comprehensively explore the implementation of dynamic security policies with high assurance on reconfigurable hardware with significant reduction in power and latency. This research project will foster new research directions in several areas, spanning programming languages, security policies, computer architecture, reconfigurable hardware and applications, with the potential to significantly transform the design of next-generation embedded manycore architectures. All the research findings and simulation toolkits will be disseminated to the community via conference and journal publications, and a dedicated website. The research will also play a major role in education by integrating discovery with teaching and training. This project will continue to expand outreach activities and broaden participation in computing by making the necessary efforts to attract and train minority students in this field.

The design and implementation of high-level language abstractions for specification, verification, and implementation of reconfigurable hardware monitors, with specific emphasis on low-overhead defenses against control- and information-flow attacks, is proposed in this project. The overarching goal of this project is to dynamically update hardware in response to program behavior in order to monitor precise security policies with minimal overhead (power, area, time).
First, this project will develop high-level language abstractions for implementing dynamic security monitors, those that reconfigure at runtime to enforce precise security properties. To provide high assurance, a verified compiler to an idealized hardware description language together with associated tools such as a verified equational theory will be developed. Second, this project will explore the design and implementation of reusable hardware components against which the high-level language abstractions can be compiled both in uni- and manycore environments. The basic building blocks will be aggregated into coarse-grain reconfigurable arrays (CGRA) that can be tailored to program behavior via state and topology reconfiguration. Third, in software, this project will validate security monitors implementing defenses against code- and control-flow injection attacks, among others. In hardware, this project will extensively model and simulate security monitors using simulation tools to evaluate latency, execution time, power and area overhead on benchmark suites. Finally, this project will validate that the proposed hardware monitors that are generated by the high-level security policies will detect and mitigate attacks. This project will result in (1) novel high-level language abstractions for dynamic security policies implemented on reconfigurable hardware; (2) a verified compiler to an idealized hardware description language together with an equational theory; (3) the design and implementation of reusable hardware components (a basic block) that retain state while allowing policy reconfiguration; (4) the aggregation of basic blocks into CGRA that can be tailored to program behavior via state and topology updates for uni- and manycore architectures; and (5) extensive modeling and simulation of hardware monitors that implement defenses against code- and control-flow injection attacks using benchmarks and tools. 
This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.
