Hola,
¿eres nuevo aquí?

Regístrate gratis y conecta tu empresa con financiación pública, partners y proyectos.

Tengo cuenta

Regístrate

Ver video

SECOMP

Financiado

Efficient Formally Secure Compilers to a Tagged Architecture

Severe low-level vulnerabilities abound in today’s computer systems, allowing cyber-attackers to remotely gain full control. This happens in big part because our programming languages, compilers, and architectures were designed in... ver más

31/12/2021

MPG

1M€

Presupuesto del proyecto: 1M€

Líder del proyecto

MAXPLANCKGESELLSCHAFT ZUR FORDERUNG DER WISSE... No se ha especificado una descripción o un objeto social para esta compañía.

TRL 4-5

Fecha límite participación Sin fecha límite de participación.

Ver 3 Participantes

Financiación concedida El organismo H2020 notifico la concesión del proyecto el día 2021-12-31

ERC-2016-STG: ERC Starting Grant

I+D

Cerrada hace 9 años

0% 100% 100%

Información adicional privada

No hay información privada compartida para este proyecto. Habla con el coordinador.

3 Participantes

MPG

368.22K€ | Lider

GIRBAU

396.78K€ | Participante

INRIA

1.13M€ | Participante

Conecta tu I+D

¿Tienes un proyecto y buscas un partner? Gracias a nuestro motor inteligente podemos recomendarte los mejores socios y ponerte en contacto con ellos. Te lo explicamos en este video

Proyectos interesantes

UniversalContracts Formalizing, Verifying and Applying ISA Security Guarantees... 2M€ Cerrado

HYDRANOS Hardware-assisted Adaptive Cross-Layer Security for Computin... 2M€ Cerrado

RustBelt Logical Foundations for the Future of Safe Systems Programmi... 2M€ Cerrado

BRIDGE Connecting Symmetric and Asymmetric Cryptography for Leakag... 2M€ Cerrado

SecuStack SecuStack: Securing the Leaky Hardware/Software Boundary 2M€ Cerrado

TEC2016-80549-R INTEGRACION Y VALIDACION EN LABORATORIO DE CONTRAMEDIDAS FRE... 105K€ Cerrado

Duración del proyecto: 61 meses Fecha Inicio: 2016-11-07
Fecha Fin: 2021-12-31

Líder del proyecto

MAXPLANCKGESELLSCHAFT ZUR FORDERUNG DER WISSE... No se ha especificado una descripción o un objeto social para esta compañía.

TRL 4-5

Presupuesto del proyecto 1M€

Fecha límite de participación Sin fecha límite de participación.

Descripción del proyecto Severe low-level vulnerabilities abound in today’s computer systems, allowing cyber-attackers to remotely gain full control. This happens in big part because our programming languages, compilers, and architectures were designed in an era of scarce hardware resources and too often trade off security for efficiency. The semantics of mainstream low-level languages like C is inherently insecure, and even for safer languages, establishing security with respect to a high-level semantics does not guarantee the absence of low-level attacks. Secure compilation using the coarse-grained protection mechanisms provided by mainstream hardware architectures would be too inefficient for most practical scenarios. This project is aimed at leveraging emerging hardware capabilities for fine-grained protection to build the first, efficient secure compilers for realistic programming languages, both low-level (the C language) and high-level (ML and a dependently-typed variant). These compilers will provide a secure semantics for all programs and will ensure that high-level abstractions cannot be violated even when interacting with untrusted low-level code. To achieve this level of security without sacrificing efficiency, our secure compilers will target a tagged architecture, which associates a metadata tag to each word and efficiently propagates and checks tags according to software-defined rules. We will experimentally evaluate and carefully optimize the efficiency of our secure compilers on realistic workloads and standard benchmark suites. We will use property-based testing and formal verification to provide high confidence that our compilers are indeed secure. Formally, we will construct machine-checked proofs of full abstraction with respect to a secure high-level semantics. This strong property complements compiler correctness and ensures that no machine-code attacker can do more harm to securely compiled components than a component in the secure source language already could.

Conecta tu I+D

Entra hoy

¿Olvidé mi contraseña?

Financiación

Empresas

CTIs/Universidades

Proyectos

Investigadores