Hola,
¿eres nuevo aquí?

Regístrate gratis y conecta tu empresa con financiación pública, partners y proyectos.

Tengo cuenta

Regístrate

Ver video

UniversalContracts

Financiado

Formalizing, Verifying and Applying ISA Security Guarantees as Universal Contrac...

Formalizing, Verifying and Applying ISA Security Guarantees as Universal Contracts The Instruction Set Architecture (ISA) is the interface that processor hardware offers to software developers. Current ISAs do not explicitly specify the security properties guaranteed by that interface, so that, for example, rece... ver más

31/08/2027

KU Leuven

2M€

Presupuesto del proyecto: 2M€

Líder del proyecto

KATHOLIEKE UNIVERSITEIT LEUVEN No se ha especificado una descripción o un objeto social para esta compañía.

TRL 4-5

Fecha límite participación Sin fecha límite de participación.

Financiación concedida El organismo HORIZON EUROPE notifico la concesión del proyecto el día 2022-04-01

ERC-2021-STG: ERC STARTING GRANTS Scope:Objectives

I+D

Cerrada hace 3 años

0% 100% 100%

Información adicional privada

No hay información privada compartida para este proyecto. Habla con el coordinador.

1 Participantes

KU Leuven

1.50M€ | Lider

Conecta tu I+D

¿Tienes un proyecto y buscas un partner? Gracias a nuestro motor inteligente podemos recomendarte los mejores socios y ponerte en contacto con ellos. Te lo explicamos en este video

Proyectos interesantes

HYDRANOS Hardware-assisted Adaptive Cross-Layer Security for Computin... 2M€ Cerrado

SECOMP Efficient Formally Secure Compilers to a Tagged Architecture 1M€ Cerrado

FSSec Foundations for Sustainable Security 1M€ Cerrado

EUIN2017-85841 ENCAPSULADO DE HERRAMIENTAS VIRTUAL PARA UNA GESTION ROBUSTA... 19K€ Cerrado

BRIDGE Connecting Symmetric and Asymmetric Cryptography for Leakag... 2M€ Cerrado

RYC2020-028954-I Formal verification of security and privacy properties of so... 324K€ Cerrado

Duración del proyecto: 64 meses Fecha Inicio: 2022-04-01
Fecha Fin: 2027-08-31

Líder del proyecto

KATHOLIEKE UNIVERSITEIT LEUVEN No se ha especificado una descripción o un objeto social para esta compañía.

TRL 4-5

Presupuesto del proyecto 2M€

Fecha límite de participación Sin fecha límite de participación.

Descripción del proyecto The Instruction Set Architecture (ISA) is the interface that processor hardware offers to software developers. Current ISAs do not explicitly specify the security properties guaranteed by that interface, so that, for example, recent severe micro-architectural side-channel vulnerabilities like Spectre did not even violate the specifications. This project proposes a fundamentally new approach to specify ISA security properties by using what we call universal contracts. These are formal contracts in a compositional program logic that automatically hold for arbitrary code. Such contracts capture ISA-enforced upper bounds on the effects of arbitrary (even attacker-controlled) software. While this approach is widely different from traditional specifications, the approach looks extremely promising: universal contracts can be applied to general security primitives, mechanically verified against the ISA's operational semantics and they make it possible to obtain full-system security proofs by manually verifying only the trusted code of a sytem. In this project, we will contribute reusable techniques and tools for applying universal contracts in realistic ISAs. To this end, we will (1) design, prove and evaluate universal contracts for ISAs with state-of-practice security primitives, (2) develop semi-automation machinery for verifying universal contracts of ISAs, (3) extend universal contracts to deal with semantic complications like concurrency or micro-architectural side-channels and (4) design, implement and evaluate techniques which facilitate the construction of trusted software that relies on universal contracts, particularly assembly-level reasoning support and secure compilers. If successful, the project has the potential to fundamentally improve the security foundations of all software-based systems, by (1) clearly dividing the security responsibilities between hardware and software developers and (2) enabling scalable, rigorous, full-system security proofs.

Conecta tu I+D

Entra hoy

¿Olvidé mi contraseña?

Financiación

Empresas

CTIs/Universidades

Proyectos

Investigadores