Trains, planes, and other safety- and security-critical systems that our society relies on are controlled by computer systems, as is much of our critical infrastructure, including the power grid and cellular networks. But can we trust in the safety and security of these systems?
The starting point of SafeSecS is the observation that today’s hardware-software abstractions, instruction set architectures (ISAs), are fundamentally inadequate for the development of safe or secure systems. Indeed, ISAs abstract from timing, making it impossible to develop safety-critical systems that have to satisfy real-time constraints on top of them. Neither do ISAs provide sufficient security guarantees, making it impossible to develop secure systems on top of them. As a consequence, engineers are forced to rely on brittle timing and security models that are proven wrong time and again, as evidenced e.g. by the recent Spectre attacks; putting our society at risk.
SafeSecS attacks the problem at its root by introducing a framework centered around hardware-software contracts that extend the guarantees provided by ISAs to capture key non-functional properties. Hardware-software contracts formally capture the expectations on correct hardware implementations and they lay the foundation for achieving safety and security guarantees as the software level. Below the hardware-software interface, SafeSecS aims to contribute modular design principles and tools to construct microarchitectures that provably satisfy a given hardware-software contract. Above the hardware-software interface, SafeSecS will develop rigorous, precise, and scalable techniques to guarantee key safety and security properties at the software level on top of hardware-software contracts. As a whole, SafeSecS will enable the systematic engineering of safe and secure hardware-software systems we can trust in.
- Synthesizing Hardware-Software Leakage Contracts for RISC-V Open-Source Processors (Best Paper Award Candidate
)
G. Mohr, M. Guarnieri, and J. Reineke
DATE, March 2024
[bib]@inproceedings{Mohr24,
title = {Synthesizing Hardware-Software Leakage Contracts for RISC-V Open-Source Processors},
author = {Mohr, Gideon and Guarnieri, Marco and Reineke, Jan},
booktitle = {Design, Automation and Test in Europe Conference and Exhibition (DATE), 2024},
month = {Mar},
organization = {IEEE},
year = {2024}
}
- Kawa: An Abstract Language for Scalable and Variable Detection of Spectre Vulnerabilities (Third Place in SPLASH 2024 Student Research Competition)
Z. Wu, H. Zeng, and A. Bies
Companion Proceedings of the 2024 ACM SIGPLAN International Conference on Systems, Programming, Languages, and Applications: Software for Humanity, 2024
[doi] [bib]@inproceedings{Kawa24,
title = {Kawa: An Abstract Language for Scalable and Variable Detection of Spectre Vulnerabilities},
abstract = {Since the discovery of Spectre attacks, various detection methods for speculative vulnerabilities have been developed. Sound static analyses based on symbolic execution give precise results but lack scalability, while pattern-based analyses can accommodate large code bases but may be unsound and require manually crafted patterns for each microarchitecture.
We introduce Kawa, an abstract language designed to model control and data flows, allowing efficient analysis of Spectre vulnerabilities. Kawa's abstract nature also enables interpretation as schemata to capture entire classes of concrete programs with speculative leaks.},
address = {New York, NY, USA},
author = {Wu, Zheyuan and Zeng, Haoyi and Bies, Aaron},
booktitle = {Companion Proceedings of the 2024 ACM SIGPLAN International Conference on Systems, Programming, Languages, and Applications: Software for Humanity},
doi = {10.1145/3689491.3689971},
isbn = {9798400712142},
keyword = {SMT solver, information flow, side-channel attacks, symbolic execution},
location = {Pasadena, CA, USA},
numpages = {3},
pages = {37â39},
publisher = {Association for Computing Machinery},
series = {SPLASH Companion '24},
url = {https://doi.org/10.1145/3689491.3689971},
year = {2024}
}
- FACILE: Fast, Accurate, and Interpretable Basic-Block Throughput Prediction
A. Abel, S. Sharma, and J. Reineke
IISWC, 2023
[doi] [bib]@inproceedings{Abel23,
title = {{FACILE}: Fast, Accurate, and Interpretable Basic-Block Throughput Prediction},
author = {Abel, Andreas and Sharma, Shrey and Reineke, Jan},
booktitle = {{IEEE} International Symposium on Workload Characterization, {IISWC} 2023, Ghent, Belgium, October 1-3, 2023},
publisher = {{IEEE}},
year = {2023},
doi = {10.1109/IISWC59245.2023.00023},
url = {https://arxiv.org/pdf/2310.13212},
}
- Leveraging LLVM's ScalarEvolution for Symbolic Data Cache Analysis (Outstanding Paper Award )
V. Touzeau and J. Reineke
RTSS, 2023
[bib]@inproceedings{Touzeau23,
title = {Leveraging LLVM's ScalarEvolution for Symbolic Data Cache Analysis},
author = {Touzeau, Valentin and Reineke, Jan},
booktitle = {2023 {IEEE} Real-Time Systems Symposium, {RTSS} 2023, Taipei, Taiwan, December 5-8, 2023},
year = {2023}
}
- Specification and Verification of Side-channel Security for Open-source Processors via Leakage Contracts (Distinguished Paper Award at CCS 2023 and Intel Hardware Security Academic Award Finalist 2024)
Z. Wang, G. Mohr, K. Gleissenthall, J. Reineke, and M. Guarnieri
CCS, 2023
[bib]@inproceedings{wang2023specification,
title = {Specification and Verification of Side-channel Security for Open-source Processors via Leakage Contracts},
author = {Wang, Zilong and Mohr, Gideon and Gleissenthall, Klaus von and Reineke, Jan and Guarnieri, Marco},
booktitle = {Proceedings of the 30th ACM Conference on Computer and Communications Security},
publisher = {ACM},
series = {CCS 2023},
year = {2023}
}
- uiCA: Accurate Throughput Prediction of Basic Blocks on Recent Intel Microarchitectures
A. Abel and J. Reineke
ICS, 2022
[bib]@inproceedings{Abel22,
title = {{uiCA}: Accurate Throughput Prediction of Basic Blocks on Recent {Intel} Microarchitectures},
author = {Abel, Andreas and Reineke, Jan},
booktitle = {{ICS} '22: 2022 International Conference on Supercomputing, Virtual Event, USA, June 27-30, 2022},
series = {ICS '22},
editor = {Rauchwerger, Lawrence and Cameron, Kirk and Nikolopoulos, Dimitrios S. and Pnevmatikatos, Dionisios},
pages = {1--12},
publisher = {{ACM}},
month = {June},
year = {2022},
url = {https://dl.acm.org/doi/pdf/10.1145/3524059.3532396}
}
- LLVMTA: An LLVM-Based WCET Analysis Tool
S. Hahn, M. Jacobs, N. Hölscher, K. Chen, J. Chen, and J. Reineke
WCET, 2022
[doi] [bib]@inproceedings{hahn_et_al:OASIcs.WCET.2022.2,
title = {{LLVMTA: An LLVM-Based WCET Analysis Tool}},
address = {Dagstuhl, Germany},
annote = {Keywords: WCET analysis, low-level analysis, LLVM},
author = {Hahn, Sebastian and Jacobs, Michael and H{\"o}lscher, Nils and Chen, Kuan-Hsun and Chen, Jian-Jia and Reineke, Jan},
booktitle = {20th International Workshop on Worst-Case Execution Time Analysis (WCET 2022)},
doi = {10.4230/OASIcs.WCET.2022.2},
editor = {Ballabriga, Cl\'{e}ment},
isbn = {978-3-95977-244-0},
issn = {2190-6807},
pages = {2:1--2:17},
publisher = {Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
series = {Open Access Series in Informatics (OASIcs)},
url = {https://drops.dagstuhl.de/opus/volltexte/2022/16624},
urn = {urn:nbn:de:0030-drops-166242},
volume = {103},
year = {2022}
}
- Warping Cache Simulation of Polyhedral Programs
C. Morelli and J. Reineke
PLDI, June 2022
[doi] [bib]@inproceedings{Morelli22,
title = {Warping Cache Simulation of Polyhedral Programs},
address = {New York, NY, USA},
author = {Morelli, Canberk and Reineke, Jan},
booktitle = {PLDI},
doi = {10.1145/3519939.3523714},
isbn = {978-1-4503-9265-5/22/06},
location = {San Diego, CA, USA},
numpages = {16},
publisher = {ACM},
series = {PLDI '22},
url = {http://doi.acm.org/10.1145/3519939.3523714},
month = {Jun},
year = {2022},
}
- On the Trade-offs between Generalization and Specialization in Real-Time Systems
G. der Brüggen, A. Burns, J. Chen, R. Davis, and J. Reineke
RTCSA, 2022
[bib]@inproceedings{Brueggen22,
title = {On the Trade-offs between Generalization and Specialization in Real-Time Systems},
author = {der Br\"uggen, Georg von and Burns, Alan and Chen, Jian-Jia and Davis, Robert I. and Reineke, Jan},
booktitle = {28th {IEEE} International Conference on Embedded and Real-Time Computing Systems and Applications, {RTCSA} 2022, Taipei, Taiwan, August 23-25, 2022},
publisher = {{IEEE}},
year = {2022}
}
- Hardware-Software Contracts for Secure Speculation (Best Paper Award )
M. Guarnieri, B. Köpf, J. Reineke, and P. Vila
S&P (Oakland), May 2021
[bib]@inproceedings{Guarnieri21,
title = {Hardware-Software Contracts for Secure Speculation},
author = {Guarnieri, Marco and K{{\"o}}pf, Boris and Reineke, Jan and Vila, Pepe},
booktitle = {2021 {IEEE} Symposium on Security and Privacy, {SP} 2021, Proceedings, San Francisco, California, {USA}},
month = {May},
url = {https://arxiv.org/abs/2006.03841},
year = {2021}
}
