Programming languages

group_project

Visible to the public SaTC: An Architecture for Restoring Trust in Our Personal Computing Systems

Computers today are so complex and opaque that a user cannot possibly hope to know, let alone trust, everything occurring within the machine. While software security techniques help ensure the integrity of user computations, they are only as trustworthy as the underlying hardware. Even though many proposals provide some relief to the problem of hardware trust, the user must ultimately rely on the assurances of other parties. This work restores hardware trust through a simple, small, and slow pluggable hardware element.

group_project

Visible to the public TWC: Medium: Collaborative: Retrofitting Software for Defense-in-Depth

The computer security community has long advocated the concept of building multiple layers of defense to protect a system. Unfortunately, it has been difficult to realize this vision in the practice of software development, and software often ships with inadequate defenses, typically developed in an ad hoc fashion.

group_project

Visible to the public NSFSaTC-BSF: TWC: Small: Horizons of Symmetric-Key Cryptography

Symmetric-key primitives are the lifeblood of practical cryptography, and are critical components of nearly any computer security system. The cryptographic community has developed a rich body of work on theoretically sound symmetric objects, but they are many orders of magnitude too slow for realistic usage. Thus, practitioners use fast primitives that have been designed to withstand known attacks, but which lack rigorous security guarantees based on natural mathematical problems.

group_project

Visible to the public  STARSS: Small: Automatic Synthesis of Verifiably Secure Hardware Accelerators

Specialized hardware accelerators are growing in popularity across the computing spectrum from mobile devices to datacenters. These special-purpose hardware engines promise significant improvements in computing performance and energy efficiency that are essential to all aspects of modern society. However, hardware specialization also comes with added design complexity and introduces a host of new security challenges, which have not been adequately explored.

group_project

Visible to the public TWC: Medium: Micro-Policies: A Framework for Tag-Based Security Monitors

Current cybersecurity practice is inadequate to defend against the security threats faced by society. Unlike physical systems, present-day computers lack supervising safety interlocks to help prevent catastrophic failures. Worse, many exploitable vulnerabilities arise from the violation of well-understood safety and security policies that are not enforced due to perceived high performance costs. This project aims to demonstrate how language design and formal verification can leverage emerging hardware capabilities to engineer practical systems with strong security and safety guarantees.

group_project

Visible to the public TWC: Small: Blameworthy Programs: Accountability via Deviance and Causal Determination

Security protocols enable useful tasks over untrusted networks. For example, confidential communication over the Internet between users and Web services like Google, Facebook, Amazon and Bank of America rely on protocols like SSL/TLS and the supporting Public Key Infrastructure (PKI). These protocols are designed to provide global security properties like authentication and confidentiality when various parties (e.g., the user, the Web service, and participants in the PKI such as certificate authorities) execute their prescribed programs.

group_project

Visible to the public CAREER: Automated Analysis of Security Hyperproperties

Computer programs and cryptographic protocols are increasingly being used to access confidential and private information on the Internet. Due to their complex nature, they often have subtle errors that can be exploited by malicious entities. As security flaws can have serious consequences, it is important to ensure that computer programs and cryptographic protocols achieve their security objectives.

group_project

Visible to the public TWC: Small: A platform for enhancing security of binary code

Cyberattacks are enabled by software vulnerabilities that allow attackers to plant software exploits. As old vulnerabilities are found and fixed, attackers continue to find new ones. As a result, software vendors, system administrators and security professionals have come to rely increasingly on techniques that insert additional code into software for detecting and/or blocking cyber attacks in progress.

group_project

Visible to the public TWC: Medium: Collaborative: Aspire: Leveraging Automated Synthesis Technologies for Enhancing System Security

Designing secure systems and validating security of existing systems are hard challenges facing our society. For implementing secure applications, a serious stumbling block lies in the generation of a correct system specification for a security policy. It is non-trivial for both system designers and end users to express their intent in terms of formal logic. Similar challenges plague users' trying to validate security properties of existing applications, such as web or cloud based services, which often have no formal specifications.

group_project

Visible to the public EDU:Collaborative: VACCS - Visualization and Analysis for C Code Security

The proposed project will develop Visualization and Analysis of C Code Security (VACCS) tool to assist students with learning secure code programming. The proposal addresses the critical issue of learning secure coding through the development of a system for analyzing and visualizing C code and associated learning materials. VACCS will utilize static and dynamic program analysis to detect security vulnerabilities and warn programmers about the potential errors in their code.