Objective
Microarchitectural attacks exploit hardware side-effects to compromise otherwise secure programs. These attacks rely on microarchitectural leaks, which reveal information about a program's execution through indirect observations (e.g. by measuring a program's execution time) of a CPU internal state. Through these leaks, attackers can, for instance, stealthily recover encryption keys and secret passwords from security-critical software.
To prevent leaks, software developers need to reason about the interactions between software and a CPU's microarchitecture. For this, they rely on program-level models describing how information might leak microarchitecturally and they modify their implementations accordingly to ensure the absence of leaks.
This way of building leak-free systems, however, has one fundamental flaw: current models are unsound for modern multi-core CPUs. They have no precise relation with a CPU's microarchitecture and may ignore actual leaks. This results in insecure programs that leak information despite being secure with respect to the model.
Primula's goal is to establish foundations for security against microarchitectural leaks in modern multi-core CPUs. For this, Primula will develop a new theory of hardware-software leakage contracts for multi-core CPUs together with tools for applying these contracts to hardware and software. Primula will close the gap between program-level models and CPUs by inferring sound contracts directly from a processor's microarchitecture. These contract will be used to automatically secure software against microarchitectural leaks. Primula is high risk since it requires developing novel verification and synthesis techniques, targeting both hardware and software, that need to scale to modern CPUs and software systems. Yet, Primula is high gain since it allows tackling security-critical microarchitectural leaks, once and for all, rather than relying on ad-hoc patches whenever new leaks are discovered.
Fields of science (EuroSciVoc)
CORDIS classifies projects with EuroSciVoc, a multilingual taxonomy of fields of science, through a semi-automatic process based on NLP techniques. See: The European Science Vocabulary.
CORDIS classifies projects with EuroSciVoc, a multilingual taxonomy of fields of science, through a semi-automatic process based on NLP techniques. See: The European Science Vocabulary.
- natural sciences computer and information sciences software
- engineering and technology electrical engineering, electronic engineering, information engineering electronic engineering computer hardware computer processors
You need to log in or register to use this function
Keywords
Project’s keywords as indicated by the project coordinator. Not to be confused with the EuroSciVoc taxonomy (Fields of science)
Project’s keywords as indicated by the project coordinator. Not to be confused with the EuroSciVoc taxonomy (Fields of science)
Programme(s)
Multi-annual funding programmes that define the EU’s priorities for research and innovation.
Multi-annual funding programmes that define the EU’s priorities for research and innovation.
-
HORIZON.1.1 - European Research Council (ERC)
MAIN PROGRAMME
See all projects funded under this programme
Topic(s)
Calls for proposals are divided into topics. A topic defines a specific subject or area for which applicants can submit proposals. The description of a topic comprises its specific scope and the expected impact of the funded project.
Calls for proposals are divided into topics. A topic defines a specific subject or area for which applicants can submit proposals. The description of a topic comprises its specific scope and the expected impact of the funded project.
Funding Scheme
Funding scheme (or “Type of Action”) inside a programme with common features. It specifies: the scope of what is funded; the reimbursement rate; specific evaluation criteria to qualify for funding; and the use of simplified forms of costs like lump sums.
Funding scheme (or “Type of Action”) inside a programme with common features. It specifies: the scope of what is funded; the reimbursement rate; specific evaluation criteria to qualify for funding; and the use of simplified forms of costs like lump sums.
HORIZON-ERC - HORIZON ERC Grants
See all projects funded under this funding scheme
Call for proposal
Procedure for inviting applicants to submit project proposals, with the aim of receiving EU funding.
Procedure for inviting applicants to submit project proposals, with the aim of receiving EU funding.
(opens in new window) ERC-2025-COG
See all projects funded under this callHost institution
Net EU financial contribution. The sum of money that the participant receives, deducted by the EU contribution to its linked third party. It considers the distribution of the EU financial contribution between direct beneficiaries of the project and other types of participants, like third-party participants.
28223 Pozuelo De Alarcon
Spain
The total costs incurred by this organisation to participate in the project, including direct and indirect costs. This amount is a subset of the overall project budget.