Loading…

Loading grant details…

Completed STANDARD GRANT National Science Foundation (US)

CNS Core: Small: Rethinking Runtime Software Security Hardening in the Context of Hybrid Instruction Set Architecture

$5M USD

Funder National Science Foundation (US)
Recipient Organization Virginia Polytechnic Institute and State University
Country United States
Start Date Oct 01, 2021
End Date Sep 30, 2024
Duration 1,095 days
Number of Grantees 2
Roles Principal Investigator; Co-Principal Investigator
Data Source National Science Foundation (US)
Grant ID 2127491
Grant Description

Computing is increasingly heterogeneous (e.g., CPU/GPUs, CPU/FPGAs) to meet the ever-increasing performance demands of applications, necessitated in part by the end of Moore's law. The latest trend in this direction is CPUs with different instruction-set-architectures (or ISAs), especially in mobile computing and Internet-of-Things (IoT) settings. Applications for heterogeneous computers are often developed by dividing them across the ISA boundary: software for each ISA is separately developed due to the intrinsic architecture differences.

As a result, application programmers often cannot fully leverage ISA-specific hardware security features. In addition, existing software security techniques are largely ISA-specific: threat models and exploit mitigations are usually developed for a target ISA.

This project addresses this problem by developing a software infrastructure that allows applications to transparently utilize ISA-specific security features. The infrastructure includes a compiler and a run-time framework that hides ISA differences and exposes an ISA-agnostic abstraction through code generation for multiple ISAs, dynamic process state transformations for security hardening across ISAs, and cross-ISA unified shared memory.

Several security techniques will be developed using this infrastructure to demonstrate effectiveness including adaptive attack surface reduction, code and data space randomization, and dynamic software patching. The project’s software infrastructure will allow programmers to develop more secure application software for emerging computers without additional programming effort, and thereby meet the pressing societal need for secure computing infrastructures.

The project's software artifacts and experimental results will be publicly available under a permissive open-source license at the project website for at least five years after the project completion.

This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

All Grantees

Virginia Polytechnic Institute and State University

Advertisement
Discover thousands of grant opportunities
Advertisement
Browse Grants on GrantFunds
Interested in applying for this grant?

Complete our application form to express your interest and we'll guide you through the process.

Apply for This Grant