CTSRD – Rethinking the hardware-software interface for security
Newsflash - December 2012: IEEE Spectrum has posted a Techwise Conversations podcast with Robert Watson discussing the clean-slate argument for computer security in operating systems and computer architecture.
Newsflash - October 2012: The New York Times has posted an article on Peter G. Neumann and our work on clean-slate host and network security as part of their Science section.
Newsflash - October 2012: ACM Queue has posted a video interview with Robert Watson, CTSRD project lead at Cambridge, on the topic of research into the hardware-software interface, as well as the CHERI processor.
CTSRD is a joint research project between SRI International's Computer Science Laboratory and the University of Cambridge Computer Laboratory, supported by DARPA and Google. The project is revisiting the hardware-software security interface for general-purpose CPUs to fundamentally improve security; to this end, we are integrating a hybrid capability model and continuous hardware-assisted validation of security design principles with a commodity CPU ISA and open source operating systems. We are pursuing several new software/hardware features as part of this research:
- capability hardware enhanced RISC instructions (CHERI): hardware-assisted in-process sandboxing for UNIX based on a hybrid capability model,
- temporally enforced security logic assertions (TESLA): compiler-generated runtime instrumentation continuously validating temporal security properties, and
- the security-oriented analysis of application programs (SOAAP): automated program analysis and transformation techniques to help software authors utilize Capsicum and CHERI features.
There is a strong interest, throughout, in judiciously applying formal methodology and bringing formally grounded techniques to mainstream hardware and software development. This work has motivated the creation of the Bluespec extensible RISC implementation -- an open source platform for research into the hardware-software interface, with a BSD-licensed operating system and toolchain based on FreeBSD and Clang/LLVM. We plan to use open source, wherever possible, to transition new technologies into mainstream use.
CTSRD builds on long experience at both institutions in security and systems research, including Multics, PSOS, the Newcastle DSS, separation kernels, the DARPA CHATS programme, PVS/SAL/YICES, LynuxWorks, the CAP computer, the MAC Framework, multi-threaded CPU design, Xen, Capsicum, and MirageOS.
- Peter G. Neumann, Robert N.M. Watson. CRASH PI Meeting May 2013 - CTSRD Poster. Park Ridge, NJ, May 2013.
- Peter G. Neumann, Robert N.M. Watson. CRASH PI Meeting November 2012 - CTSRD Poster. San Diego, CA, November 2012.
- Peter G. Neumann, Robert N.M. Watson. CRASH PI Meeting May 2012 - CTSRD Poster. Boston, MA, May 2012.
- Peter G. Neumann, Robert N.M. Watson. CRASH PI Meeting November 2011 - CTSRD Poster. Arlington, VA, November 2011.
- Peter G. Neumann, Robert N.M. Watson. CRASH PI Meeting May 2011 - CTSRD Poster. Palo Alto, CA, May 2010.
- Peter G. Neumann, Robert N.M. Watson. CRASH PI Meeting November 2010 - CTSRD Poster. Washington, DC, November 2010.