Today's computing systems are facing an unprecedented security threat posed by recent attacks that use software to exploit hardware vulnerabilities, as shown by attacks like Spectre, Meltdown, Foreshadow, and follow-ups - affecting a wide range of computing platforms and manufacturers, including Intel, AMD, and ARM. These cross-layer attacks reach far beyond exploiting microarchitectural vulnerabilities and allow unprivileged software to exploit a variety of hardware design and implementation flaws, as we demonstrated in the world's largest System-on-Chip (SoC) security competition that we have been conducting with Intel since 2018. This adversarial paradigm shift sidesteps decades of security research that assumed a layered architecture where hardware is flawless and trustworthy. Existing solutions, such as software patching or specific hardware changes are ad-hoc, expensive, or only mitigate specific known attacks. Particularly, patching hardware after fabrication is very limited or impossible.
This proposal, HYDRANOS, envisions hardware-assisted adaptive security, a radically different approach to enable flexible security for future computing systems. We aim to design, prototype, and evaluate dedicated configurable hardware inside the SoC design to enable post-fabrication reconfiguration of key security-relevant hardware primitives to mitigate new attack vectors. Moreover, we provide an evaluation framework that includes novel hardware fuzzing techniques to significantly improve existing hardware-vulnerability detection methods at design time.
HYDRANOS is a game changer for trustworthy computing, allows to fundamentally and flexibly tackle today’s and future cross-layer attacks on security-critical systems, and provides novel research to pave the way towards future-proof security. We will showcase our results on open-source hardware widely supported by academia and industry and provide it to the research community, allowing open verification by third-parties.
- HORIZON.1.1 - European Research Council (ERC) Main Programme