SUSHI

Computer systems rely on computing platforms to execute user applications and host their data. These computing platforms are made of different hardware and system software and tend to grow in complexity. This growing complexity of interactions between software and hardware components raises serious privacy and trust issues in today’s computer systems. To address these issues, the main research goal of the SUSHI team will be to assess and increase the security level of existing and future computing platforms at the software/hardware interface. We aim to:

• identify new vulnerabilities resulting from software/hardware interactions in such complex and heterogeneous platform
• propose secure-by-design approaches to prevent the exploitation of such vulnerabilities.
• develop host-based intrusion detection and reaction approaches by leveraging software/hardware interactions.
• formally prove the security properties enforced or detected by software/hardware security mechanisms

We propose to decline our research on three different levels at the software/hardware interface:

• The hardware architecture and microarchitecture level focuses on the hardware part of the interface, which should provide software with the required services to ensure security;
• The system software level focuses on low-level software, such as OSes or hypervisors, which are heavily tied to hardware interfaces and must use them correctly to achieve security;
• The binary executable analysis and instrumentation level focuses on analyzing and modifying binary executables, i.e., sequences of instructions belonging to the Instruction Set Architecture.