SubsidieMeestersFormalizing, Verifying and Applying ISA Security Guarantees as Universal Contracts
This project aims to enhance ISA security by developing universal contracts for specifying security properties, enabling rigorous full-system security proofs and clearer developer responsibilities.
Projectdetails
Introduction
The Instruction Set Architecture (ISA) is the interface that processor hardware offers to software developers. Current ISAs do not explicitly specify the security properties guaranteed by that interface, so that, for example, recent severe micro-architectural side-channel vulnerabilities like Spectre did not even violate the specifications.
Proposed Approach
This project proposes a fundamentally new approach to specify ISA security properties by using what we call universal contracts. These are formal contracts in a compositional program logic that automatically hold for arbitrary code. Such contracts capture ISA-enforced upper bounds on the effects of arbitrary (even attacker-controlled) software.
While this approach is widely different from traditional specifications, the approach looks extremely promising: universal contracts can be applied to general security primitives, mechanically verified against the ISA's operational semantics, and they make it possible to obtain full-system security proofs by manually verifying only the trusted code of a system.
Project Contributions
In this project, we will contribute reusable techniques and tools for applying universal contracts in realistic ISAs. To this end, we will:
- Design, prove, and evaluate universal contracts for ISAs with state-of-practice security primitives.
- Develop semi-automation machinery for verifying universal contracts of ISAs.
- Extend universal contracts to deal with semantic complications like concurrency or micro-architectural side-channels.
- Design, implement, and evaluate techniques which facilitate the construction of trusted software that relies on universal contracts, particularly assembly-level reasoning support and secure compilers.
Potential Impact
If successful, the project has the potential to fundamentally improve the security foundations of all software-based systems by:
- Clearly dividing the security responsibilities between hardware and software developers.
- Enabling scalable, rigorous, full-system security proofs.
Financiële details & Tijdlijn
Financiële details
| Subsidiebedrag | € 1.500.000 |
| Totale projectbegroting | € 1.500.000 |
Tijdlijn
| Startdatum | 1-9-2022 |
| Einddatum | 31-8-2027 |
| Subsidiejaar | 2022 |
Partners & Locaties
Projectpartners
- KATHOLIEKE UNIVERSITEIT LEUVENpenvoerder
Land(en)
Vergelijkbare projecten binnen European Research Council
| Project | Regeling | Bedrag | Jaar | Actie |
|---|---|---|---|---|
SecuStack: Securing the Leaky Hardware/Software BoundarySecuStack aims to eliminate side-channel leaks by developing precise hardware-level leakage models to create provably secure systems, enhancing data protection against emerging attacks. | ERC Starting... | € 1.500.000 | 2024 | Details |
Resilient and Sustainable Software SecurityThe RS³ project aims to enhance software security by developing resilient and sustainable countermeasures through innovative testing, secure compilers, attack mitigation, and hardware improvements. | ERC Consolid... | € 1.998.851 | 2023 | Details |
Formal Methods for Secure Blockchain-Oriented ProgrammingBlockSec aims to establish a comprehensive framework for enforcing game-theoretic security in DeFi applications through formal methods and interdisciplinary research. | ERC Advanced... | € 2.499.983 | 2025 | Details |
Realizing the Promise of Higher-Order SMT and Superposition for Interactive VerificationThe Nekoka project aims to enhance higher-order SMT and λ-superposition for automated proof assistance, integrating them into tools for software verification and mathematical formalization. | ERC Consolid... | € 2.000.000 | 2023 | Details |
ELVER-CHECK: Well-grounded Lightweight Assurance for Critical Systems SoftwareELVER-CHECK aims to enhance the security assurance of critical systems software by developing lightweight executable checkers based on mathematical models of hardware features, targeting hypervisors like pKVM. | ERC Proof of... | € 150.000 | 2024 | Details |
SecuStack: Securing the Leaky Hardware/Software Boundary
SecuStack aims to eliminate side-channel leaks by developing precise hardware-level leakage models to create provably secure systems, enhancing data protection against emerging attacks.
Resilient and Sustainable Software Security
The RS³ project aims to enhance software security by developing resilient and sustainable countermeasures through innovative testing, secure compilers, attack mitigation, and hardware improvements.
Formal Methods for Secure Blockchain-Oriented Programming
BlockSec aims to establish a comprehensive framework for enforcing game-theoretic security in DeFi applications through formal methods and interdisciplinary research.
Realizing the Promise of Higher-Order SMT and Superposition for Interactive Verification
The Nekoka project aims to enhance higher-order SMT and λ-superposition for automated proof assistance, integrating them into tools for software verification and mathematical formalization.
ELVER-CHECK: Well-grounded Lightweight Assurance for Critical Systems Software
ELVER-CHECK aims to enhance the security assurance of critical systems software by developing lightweight executable checkers based on mathematical models of hardware features, targeting hypervisors like pKVM.
Vergelijkbare projecten uit andere regelingen
| Project | Regeling | Bedrag | Jaar | Actie |
|---|---|---|---|---|
Integrated Safety for Deeply Embedded Systems Software (ISAFE)Het ISAFE-project ontwikkelt een geïntegreerde aanpak voor de kwalificatie van softwaretools in veiligheid kritische systemen, gericht op het voldoen aan veiligheidsstandaarden en het verbeteren van softwareontwikkeling. | Mkb-innovati... | € 160.200 | 2016 | Details |
Integrated Safety for Deeply Embedded Systems Software (ISAFE)
Het ISAFE-project ontwikkelt een geïntegreerde aanpak voor de kwalificatie van softwaretools in veiligheid kritische systemen, gericht op het voldoen aan veiligheidsstandaarden en het verbeteren van softwareontwikkeling.