Innovating Works

RS³

Financiado
Resilient and Sustainable Software Security
"In parallel with the ongoing digitization, computer security has become an increasingly important and urgent challenge. In particular, the sound and robust implementation of complex software systems is still not well understood i... "In parallel with the ongoing digitization, computer security has become an increasingly important and urgent challenge. In particular, the sound and robust implementation of complex software systems is still not well understood in practice, as evidenced by the steady stream of successful attacks observed in the wild. The current state of the art in software security consists of solutions that are often technically sound, but do not provide operational security in practice. With the Resilient and Sustainable Software Security (RS³) project, we propose a compelling research agenda to fundamentally change this situation by developing novel countermeasures at different system levels that fundamentally improve security. On the one hand, the system must be ""resilient"" against entire classes of attack vectors. On the other hand, the system must be ""sustainable"", i.e., it must be able to maintain its security at least over its design lifetime and possibly even adapt over time. Our work plan addresses the problem from four different angles by (i) developing novel software testing strategies that enable accurate and efficient vulnerability discovery, (ii) designing secure compiler chains that embed security properties during the compilation phase that can be enforced at runtime, (iii) devising robust mechanisms that mitigate and patch advanced attacks, and (iv) investigating how hardware changes for open-source hardware (e.g., RISC-V processors) can improve the efficiency and accuracy of all of these goals. We expect to develop innovative methods and fundamental principles to build, test, and patch complex systems securely and efficiently. This holistic approach covers multiple layers of the computing stack, and each aspect has the potential to improve security significantly. The main success criterion will be our ability to perform a security analysis of a complex system an order of magnitude more effectively and efficiently than with current state-of-the-art methods." ver más
31/12/2027
CISPA HELMHOLTZZE...
2M€
Perfil tecnológico estimado
Duración del proyecto: 61 meses Fecha Inicio: 2022-11-15
Fecha Fin: 2027-12-31

Línea de financiación: concedida

El organismo HORIZON EUROPE notifico la concesión del proyecto el día 2022-11-15
Línea de financiación objetivo El proyecto se financió a través de la siguiente ayuda:
ERC-2021-COG: ERC CONSOLIDATOR GRANTS
Cerrada hace 3 años
Presupuesto El presupuesto total del proyecto asciende a 2M€
Líder del proyecto
CISPA HELMHOLTZZENTRUM FUR INFORMATIONSSICHE... No se ha especificado una descripción o un objeto social para esta compañía.
Perfil tecnológico TRL 4-5