Talk (Architecture Seminar Series): A New Mechanism Design for (Hardware) Security

ABSTRACT: Recent woes in hardware security are not only because of a lack of convincing technical solutions but also because market forces and incentives prevent those with the ability to fix problems from doing so. At the root of the problem is the fact that hardware security comes at a cost; Present issues in hardware security can be seen as the result of the players in the game of hardware security finding ways of avoiding paying this cost. We formulate this idea into a doctrine of security, namely the Doctrine of Shared Burdens and analyze three case studies---Rowhammer, Spectre, and Memory Safety---through the lens of this doctrine.

Following this we discuss a novel approach to incentivize vendors to include security in their products. Our approach, called open mandates, mandates that all vendors must dedicate some amount of resources (e.g. system speed, energy, design cost, etc.) towards security. Unlike the current state-of-the-art, "checklist security", open mandates do not prescribe specific controls that must be implemented. The goal of open mandates is to provide flexibility to vendors in implementing security controls that they see fit while requiring all vendors to commit to a certain level of security.  

We quantitatively demonstrate that such open mandates can lead to measurable improvements, and then describe how open Mandates can be enforced with a case study on hardware support for software security. We will describe our prototype system (The COMMAND system) and demonstrate its deployability.

BIO: Simha Sethumadhavan is a Professor of Computer Science at Columbia University, and founder of Chip Scan Inc., a hardware security company. Simha's research work at Columbia is focused on finding practical solutions to problems in the area of cybersecurity and computer architecture. He is a recipient of an Alfred P. Sloan Research Fellowship and the NSF CAREER award. His work has received nine best paper awards for his work on computer security and computer architecture, and his team has successfully taped out three novel computing chips on shoestring budgets. Further his team's work on identifying security vulnerabilities and formulating security defenses have resulted in fixes to major products such as processors and web browsers used by millions of users, and his work on hardware security is actively considered by standards organizations. He has served on the Federal Communications Commission Downloadable Security Technical Advisory Committee. He founded Chip Scan Inc. to transition technology developed at Columbia and the company has products that find and mitigate hardware backdoors, and hardware solutions built on Zero Trust principles. Simha obtained his PhD from UT Austin in 2007. He tweets at @TheSimha, is also on Linkedin is: https://www.linkedin.com/in/simha/. Research papers can be found here: https://www.cs.columbia.edu/~simha