SubsidieMeestersELVER-CHECK: Well-grounded Lightweight Assurance for Critical Systems Software
ELVER-CHECK aims to enhance the security assurance of critical systems software by developing lightweight executable checkers based on mathematical models of hardware features, targeting hypervisors like pKVM.
Projectdetails
Introduction
Computer systems have become critical to modern society, but they are pervasively subject to security flaws and attacks. This includes large-scale exposures of confidential data, denial-of-service and ransom attacks, and the threat of nation-state attackers: they are trusted, but are far from trustworthy.
Importance of Systems Software
This is especially important for the systems software that enforces what protection is in place, e.g., the hypervisors that use the underlying hardware to isolate components from each other.
Development of Mathematical Models
ERC AdG ELVER has developed mathematical models of the systems features of the underlying hardware. This involves working with Arm to characterize:
- Virtual memory
- Instruction/data cache maintenance
- Exceptions
This opens up a new possibility: using these models not just for correctness proof (which remains challenging), but also for lightweight methods to improve the assurance of critical systems software.
Targets and Applications
The focus is on checking that such software obeys the subtle disciplines required by the hardware. Targets include:
- The pKVM hypervisor being developed by Google to protect sensitive data on all Android phones
- Similar hypervisors for the Cloud
Building on experience with a prototype checker, which has already found subtle bugs, ELVER-CHECK will prototype, assess, and demonstrate how to use executable checkers based on our mathematical models of systems architecture. This aims to improve the conventional development of critical systems software, increasing assurance that it provides the intended security at a lower cost than full verification.
Societal Impact
ELVER-CHECK thus addresses an important aspect of the societal problem of the pervasive insecurity of our critical software infrastructure.
New Opportunities in Software Testing
This is a new opportunity: conventional software testing, analysis, and verification methods assume that memory is a simple mapping from locations to values. However, they are oblivious to the subtle ways in which this is simply not true for systems software, and to the disciplines that it must follow to actually enforce the intended security properties.
Financiële details & Tijdlijn
Financiële details
| Subsidiebedrag | € 150.000 |
| Totale projectbegroting | € 150.000 |
Tijdlijn
| Startdatum | 1-10-2024 |
| Einddatum | 31-3-2026 |
| Subsidiejaar | 2024 |
Partners & Locaties
Projectpartners
- THE CHANCELLOR MASTERS AND SCHOLARS OF THE UNIVERSITY OF CAMBRIDGEpenvoerder
Land(en)
Vergelijkbare projecten binnen European Research Council
| Project | Regeling | Bedrag | Jaar | Actie |
|---|---|---|---|---|
LEARN: Learning Efficient Automated Reasoning on the NetLEARN automates reasoning and proof strategies for software certification, providing a web-based framework to enhance safety and security in complex computer systems, reducing costs from software errors. | ERC Proof of... | € 150.000 | 2025 | Details |
Custom Cryptographic Solutions with Formal Security GuaranteesCryspen aims to transition ERC Circus's verified cryptographic research into a production-ready software stack, enhancing security for enterprises through formal verification and custom solutions. | ERC Proof of... | € 150.000 | 2022 | Details |
Resilient and Sustainable Software SecurityThe RS³ project aims to enhance software security by developing resilient and sustainable countermeasures through innovative testing, secure compilers, attack mitigation, and hardware improvements. | ERC Consolid... | € 1.998.851 | 2023 | Details |
SecuStack: Securing the Leaky Hardware/Software BoundarySecuStack aims to eliminate side-channel leaks by developing precise hardware-level leakage models to create provably secure systems, enhancing data protection against emerging attacks. | ERC Starting... | € 1.500.000 | 2024 | Details |
Hardware-assisted Adaptive Cross-Layer Security for Computing SystemsHYDRANOS aims to revolutionize computing security by designing adaptable hardware within SoCs for post-fabrication reconfiguration to combat emerging cross-layer attacks. | ERC Advanced... | € 2.485.281 | 2022 | Details |
LEARN: Learning Efficient Automated Reasoning on the Net
LEARN automates reasoning and proof strategies for software certification, providing a web-based framework to enhance safety and security in complex computer systems, reducing costs from software errors.
Custom Cryptographic Solutions with Formal Security Guarantees
Cryspen aims to transition ERC Circus's verified cryptographic research into a production-ready software stack, enhancing security for enterprises through formal verification and custom solutions.
Resilient and Sustainable Software Security
The RS³ project aims to enhance software security by developing resilient and sustainable countermeasures through innovative testing, secure compilers, attack mitigation, and hardware improvements.
SecuStack: Securing the Leaky Hardware/Software Boundary
SecuStack aims to eliminate side-channel leaks by developing precise hardware-level leakage models to create provably secure systems, enhancing data protection against emerging attacks.
Hardware-assisted Adaptive Cross-Layer Security for Computing Systems
HYDRANOS aims to revolutionize computing security by designing adaptable hardware within SoCs for post-fabrication reconfiguration to combat emerging cross-layer attacks.
Vergelijkbare projecten uit andere regelingen
| Project | Regeling | Bedrag | Jaar | Actie |
|---|---|---|---|---|
Integrated Safety for Deeply Embedded Systems Software (ISAFE)Het ISAFE-project ontwikkelt een geïntegreerde aanpak voor de kwalificatie van softwaretools in veiligheid kritische systemen, gericht op het voldoen aan veiligheidsstandaarden en het verbeteren van softwareontwikkeling. | Mkb-innovati... | € 160.200 | 2016 | Details |
HyperPV, the first GPU-Powered Physical Verification Framework with High Performance Computing capabilities.AMSIMCEL is developing HyperPV, a GPU-powered Physical Verification Framework to enhance EDA tools' efficiency and speed in semiconductor design verification via a SaaS cloud platform. | EIC Accelerator | € 2.500.000 | 2023 | Details |
Optimisation of a novel software tool for automation of the design & verification process of semiconductor developmentLUBIS EDA is developing software to automate chip design and verification, ensuring error-free production, faster market entry, and increased revenue for semiconductor developers. | EIC Accelerator | € 2.499.999 | 2024 | Details |
Integrated Safety for Deeply Embedded Systems Software (ISAFE)
Het ISAFE-project ontwikkelt een geïntegreerde aanpak voor de kwalificatie van softwaretools in veiligheid kritische systemen, gericht op het voldoen aan veiligheidsstandaarden en het verbeteren van softwareontwikkeling.
HyperPV, the first GPU-Powered Physical Verification Framework with High Performance Computing capabilities.
AMSIMCEL is developing HyperPV, a GPU-powered Physical Verification Framework to enhance EDA tools' efficiency and speed in semiconductor design verification via a SaaS cloud platform.
Optimisation of a novel software tool for automation of the design & verification process of semiconductor development
LUBIS EDA is developing software to automate chip design and verification, ensuring error-free production, faster market entry, and increased revenue for semiconductor developers.