Research Mentor: Omer Khan
Domain specific hardware is thriving, and much attention is devoted to building distributed embedded systems on platforms such as multicore processors, FPGAs, or even customized systems-on-chip. These platforms allow concurrent execution of applications that spatio-temporally share hardware resources for efficiency. However, sharing leaves hardware vulnerable to security attacks since the execution footprint of applications can leave measurable side effects in shared resources, such as caches and queues. The recent Meltdown and Spectre attacks have shown that this behavior can be exploited to expose information that is otherwise inaccessible or not directly visible in the system state. This makes hardware sharing a dangerous open attack vector on modern embedded processors. The objective of this project (supported by NSF grant # 1929261) is to explore hardware centric strong isolation principles to limit resource sharing in domain specific hardware, while maintaining superior system performance. A prototype multicore resource isolation framework has been developed on a real 72--core multicore machine, Tilera TILE-Gx72. The proposed hardware isolation framework is expected to apply to a variety of domain specific hardware, ranging from multicore processors, to FPGAs, to even system-on-chip designs. The expected outcome is to develop embedded hardware that is resilient against both temporal and spatial side-channel security vulnerabilities.
REU students will focus on projects in one or more of the following topics: (1) leakage-adaptive dynamic hardware resource management, while exploiting the performance and security tradeoff, (2) develop information leakage models needed for various shared hardware resources, and (3) conduct security analysis by quantifying the side-channel trails in various domain specific systems, such as the prototyped multicore machine, as well as an FPGA based embedded system. Throughout this project, REU students will learn state-of-the-art secure processor technology.