SILM semester on the Security of Software/Hardware Interfaces
The security of software and hardware components used to be considered as different problems and have been studied by distinct scientific communities. However, it is more and more important to combine both software and hardware aspects of the computer to deal with new software attacks. For example, hardware vulnerabilities such as Spectre or Meltdown can be exploited by pure software attacks. Such attacks can be launched remotely and do not require any physical access to the device. This emphasizes the need to study both the attack and defense aspects of the security of software/hardware interfaces. This poses several challenges.
First, hardware platforms tend to be more and more complex and the behavior specifications of the different hardware components are not always publicly available. Such specifications can also be incomplete, incorrect, or imprecise. Thus, different approaches have to be proposed by researchers to recover the expected behavior or the state of hardware components before studying or using them.
Another important challenge is to assess the security level of these hardware platforms against software attacks. The study of existing and new types of vulnerabilities in hardware platforms is crucial. Analyzing the software attacks that can use such vulnerabilities is also important to evaluate their feasibility and their criticality.
The study of defense mechanisms is also important. Modern platforms tend to embed more and more security mechanisms in hardware components. This raises interesting questions such as: What type of security mechanisms could be implemented in hardware platforms at an acceptable cost? What are precisely the security properties guaranteed by such mechanisms? Software counter-measures can also be used in systems and applications executed on the hardware platform to protect them against software attacks exploiting hardware vulnerabilities.
The SILM thematic semester is dedicated to the security of software/hardware interfaces and we would like to focus more particularly on the three following axes:
- Analyzing the behavior and the state of hardware components using, e.g. trace mechanisms, fuzzing, reverse-engineering techniques, or side channel analyses;
- Studying the hardware vulnerabilities and the software attacks that can exploit them: e.g. side-channels, fault injections, or exploitation of unspecified behavior;
- Detecting and preventing software attacks using dedicated hardware components. Proposing software countermeasures to protect from hardware vulnerabilities.
The goal of this semester is to promote the scientific, teaching and industrial transfer activities on the security of software/hardware interfaces. Our objective is also to identify scientific and technological challenges in that field and to propose a strategic action plan. To that end, we will:
- organize different events: a summer school, a regular seminar, a dedicated workshop in 2019 and in 2020;
- animate a working group and publish a white-paper;
- invite researchers for long stays.