Title: Rethinking Security for Computing Hardware through Principled Randomization
Gururaj Saileshwar: Ph.D. Candidate in Electrical and Computer Engineering at Georgia Tech
Abstract: In the last half-decade, several critical security vulnerabilities (like Spectre, Rowhammer, Cache Side-Channels, etc.) have been discovered in computing hardware, affecting billions of computers. These vulnerabilities enable malicious actors to steal sensitive data, tamper with critical data, and even take control of the computing system. Notably, these issues are likely to grow even more severe as transistor scaling approaches physical limits and computing systems become shared at scale. Therefore, security is poised to be a first-order metric for hardware and system designs of this decade and beyond.
In this talk, I will describe how we can rethink security for hardware using principled randomization to defend against two high-profile vulnerabilities: (1) Side-channels in processor caches and (2) Rowhammer attacks on main memories. First, I will describe MIRAGE (USENIX Security 2021), a practical and secure last-level-cache design. MIRAGE provides a principled abstraction of a fully-associative randomized cache and fundamentally eliminates cache side-channel attacks. Second, I will show how Rowhammer-based fault-injection attacks on DRAM main memories can be eliminated through principled remapping of attacked rows using randomization (ASPLOS 2022). Finally, I will briefly highlight my other contributions in systems security — including memory safety, fuzzing, and new side-channel attacks. I will conclude with directions for future work on two key paradigms, “security for hardware” and “hardware for security”, geared towards enabling security for the computing ecosystem without compromising performance and efficiency.
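The abstract's central idea, that a cache whose set index is randomized under a secret key no longer lets an unprivileged party predict which addresses share a set, can be seen in a small simulation. The following is an added example, not code from the talk or from the MIRAGE design (which is a far richer skewed, indirected design); it models a generic keyed index function with a keyed BLAKE2b hash as a stand-in, and the cache geometry (`NUM_SETS`, `LINE_BYTES`) and the stride-spaced address list are constructed for illustration.

```python
import hashlib
import os

# Toy cache geometry, constructed for illustration (not MIRAGE's parameters).
LINE_BYTES = 64   # bytes per cache line
NUM_SETS = 64     # number of sets in the toy cache


def conventional_set(addr: int) -> int:
    """Fixed index: the set number is read directly from address bits,
    so anyone who knows the geometry knows which addresses collide."""
    return (addr // LINE_BYTES) % NUM_SETS


def randomized_set(addr: int, key: bytes) -> int:
    """Keyed index: the set number depends on a secret key through a keyed
    hash. This is an illustrative stand-in for a randomized cache's index
    function; a real design would use a hardware-friendly keyed mapping."""
    line = addr // LINE_BYTES
    digest = hashlib.blake2b(line.to_bytes(8, "little"),
                             key=key, digest_size=4).digest()
    return int.from_bytes(digest, "little") % NUM_SETS


def stride_addresses(n: int) -> list:
    """Constructed input: n addresses spaced one full cache 'way' apart.
    Under a fixed index every one of them lands in set 0."""
    return [i * NUM_SETS * LINE_BYTES for i in range(n)]


def distinct_sets(index_fn, addrs) -> int:
    """How many different sets a list of addresses is spread across."""
    return len({index_fn(a) for a in addrs})


def fresh_key() -> bytes:
    """A new secret index key, as a cache would draw at boot or on re-keying."""
    return os.urandom(16)


if __name__ == "__main__":
    addrs = stride_addresses(32)
    print("fixed index, distinct sets:", distinct_sets(conventional_set, addrs))
    k1, k2 = fresh_key(), fresh_key()
    print("keyed index, distinct sets:",
          distinct_sets(lambda a: randomized_set(a, k1), addrs))
    before = [randomized_set(a, k1) for a in addrs]
    after = [randomized_set(a, k2) for a in addrs]
    print("mapping changes after re-keying:", before != after)
```

Under the fixed index all 32 stride-spaced addresses share one set, which is exactly the predictable-conflict property that cache side-channels rely on; under the keyed index the same addresses are scattered across sets, and drawing a new key changes the mapping entirely, so knowledge of the geometry alone no longer tells an observer which addresses contend.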
Bio: Gururaj Saileshwar is a Ph.D. candidate in Electrical and Computer Engineering at Georgia Tech. His research bridges computer architecture and systems security. He has enabled principled, low-cost, and practical security solutions that are tailored for current and future hardware. Through several industry internships, his work has influenced real-world products such as ARM’s Confidential Compute Architecture and IBM’s support for memory safety primitives in future Power and Z processors. His work has also influenced Microsoft’s efforts at mitigating transient execution attacks. Saileshwar has been recognized with a Georgia Tech (IISP) Cybersecurity Fellowship and a Georgia Tech (ECE) Bourne Fellowship. He has also been a Finalist in the Microsoft Research and Qualcomm Innovation Fellowships. His work has been recognized with an IEEE Micro Top Picks Honorable Mention and has appeared in top architecture, systems, and security venues like ASPLOS, MICRO, HPCA, USENIX Security, and CCS.