Loading grant details…
ELVER-CHECK: Well-grounded Lightweight Assurance for Critical Systems Software
| Funder | European Commission |
|---|---|
| Recipient Organization | The Chancellor Masters and Scholars of the University of Cambridge |
| Country | United Kingdom |
| Start Date | Oct 01, 2024 |
| End Date | Mar 31, 2026 |
| Duration | 546 days |
| Number of Grantees | 1 |
| Roles | Coordinator |
| Data Source | European Commission |
| Grant ID | 101189371 |
Grant Description
Computer systems have become critical to modern society, but they are pervasively subject to security flaws and attacks, with large-scale exposures of confidential data, denial-of-service and ransom attacks, and the threat of nation-state attackers: they are trusted, but are far from trustworthy.
This is especially important for the systems software enforces what protection, eg the hypervisors that use the underlying hardware to isolate components from each other.ERC AdG ELVER has developed mathematical models of the *systems features* of the underlying hardware: working with Arm to characterise virtual memory, instruction/data cache maintenance, and exceptions.
This opens up a new possibility: using those not just for correctness proof (which remains challenging), but also for *lightweight methods to improve the assurance of critical systems software*, by checking that such software obeys the subtle disciplines required by the hardware.
Targets include the pKVM hypervisor being developed by Google to protect sensitive data on all Android phones, and similar hypervisors for the Cloud.
Building on experience with a prototype checker, which has already found subtle bugs, ELVER-CHECK will prototype, assess, and demonstrate how to use executable checkers based on our mathematical models of systems architecture to improve conventional development of critical systems software, to increase assurance that it provides the intended security, at lower cost than full verification.ELVER-CHECK thus addresses an important aspect of the societal problem of the pervasive insecurity of our critical software infrastructure.This is a new opportunity: conventional software testing, analysis, and verification methods assume that memory is a simple mapping from locations to values, but they are oblivious to the subtle ways in that is simply not true for systems software, and to the disciplines that it must follow to actually enforce the intended security properties.
All Grantees
The Chancellor Masters and Scholars of the University of Cambridge
Interested in applying for this grant?
Complete our application form to express your interest and we'll guide you through the process.
Apply for This GrantQuick Summary
Related Grants
