Slot 3

Processor Architecture Security
Jakub Szefer, Yale University, USA

Abstract

Processor architecture security has become one of the important aspects of cybersecurity and computer security in recent years. Many of today’s processors provide so-called Trusted Execution Environments (TEEs), which leverage hardware extensions to processors to protect users’ software modules, applications, containers, or even whole Virtual Machines. Proper design and validation of the TEEs is necessary to ensure a system’s security and that the processors can ensure confidentiality, integrity and even protection from side-channels or physical attacks, for the code and data they are protecting. Among various threats, side-channels and speculative execution (and attacks that it can lead to) have emerged as key threats that processors should protect from. These have been widely publicized due to the Spectre and Meltdown attacks and their variants.

The summer course aims to teach the participants about the principles that processor architects and designers should use to ensure their processor architectures are secure, especially given side- channel attack threats which have re-emerged as a significant threat to security. The summer course will focus on design of secure processor architectures, the TEEs that they provide, and present design patterns that can be gleaned from the existing research works to derive the principles that inform design of the future secure architectures. The course will also dedicate special attention to side-channels and speculative execution attacks. A number of strategies for defense of the various attacks will be presented, including extended discussion of secure processor caches and other designs for secure functional units in the processor. The course will also touch on some hardware security topics, especially pertaining to implementation and manufacturing of the processors, and the threats and possible defense at each step of the design, implementation, and manufacturing of a secure processor.

Bio

Jakub Szefer’s research interests are at the intersection of computer architecture and hardware security. His research focuses on secure processor architectures for servers and mobile devices, virtualization and cloud security, hardware security verification, physically unclonable functions, hardware FPGA implementation of cryptographic algorithms, and Cloud FPGA security. His research is supported through National Science Foundation and industry donations. He joined Yale University in summer 2013 as an Assistant Professor of Electrical Engineering, where he started the Computer Architecture and Security Laboratory (CAS Lab). Prior to joining Yale, he received Ph.D. and M.A. degrees in Electrical Engineering from Princeton University and worked with Prof. Ruby B. Lee on secure hardware architectures. He received B.S. with highest honors in Electrical and Computer Engineering from University of Illinois at Urbana-Champaign. He has received the NSF CAREER award in 2017. Most recently, Jakub is the author of a new book: "Principles of Secure Processor Architecture Design,” published in Oct. 2018; and he has been promoted to the IEEE Senior Member rank in 2019.


  Back to course info