Hardware-software interfaces for security

Hardware-software layers with lock

Security has become a first-order design constraint. The software development community has already recognized this, and it is now clear computer architecture must also design systems with security in mind. However, this requires revisiting decades-old hardware development patterns.

Many of the architectural innovations that have driven the increase in compute capability for the past 50 years were designed ignoring their security implications. It is time for us to revisit many of these microarchitectural optimizations with security in mind.

Current work

As a first step, we recently published a paper arguing that traditional ISAs’ architectural state is no longer adequate in the security-first era. Instead of defining how instructions change the architectural state, we argue that the ISA should also formally define how instructions will affect the extra-architectural state. The extra-architectural state is any state in the processor for which changes can be perceived by others in the system (e.g., the addresses currently cached in the L1 cache).

More details can be found in our HASP paper.

Future projects

We’re looking for motivate students to work on new projects in this space. Specifically, we’re looking for students with experience using Chisel and implementing RISC-V cores so we can add new security instructions and test out new hardware-software interfaces.

If you are interested in working on this contact Prof. Jason Lowe-Power.