Tuesday, May 2, 2017 | Time: 16:00 – 16:30Bio: Todd Austin is a Professor of Electrical Engineering and Computer Science at the University of Michigan in Ann Arbor. His research interests include computer architecture, robust and secure system design, hardware and software verification, and performance analysis tools and techniques. Currently Todd is director of C-FAR, the Center for Future Architectures Research, a multi-university SRC/DARPA funded center that is seeking technologies to scale the performance and efficiency of future computing systems. Prior to joining academia, Todd was a Senior Computer Architect in Intel's Microcomputer Research Labs, a product-oriented research laboratory in Hillsboro, Oregon. Todd is the first to take credit (but the last to accept blame) for creating the SimpleScalar Tool Set, a popular collection of computer architecture performance analysis tools. Todd is co-author (with Andrew Tanenbaum) of the undergraduate computer architecture textbook, "Structured Computer Architecture, 6th Ed." In addition to his work in academia, Todd is founder and President of SimpleScalar LLC and co-founder of InTempo Design LLC. In 2002, Todd was a Sloan Research Fellow, and in 2007 he received the ACM Maurice Wilkes Award for "innovative contributions in Computer Architecture including the SimpleScalar Toolkit and the DIVA and Razor architectures." Todd received his PhD in Computer Science from the University of Wisconsin in 1996.
Abstract: Much of the future success of computing rests on our ability to establish trust in the hardware we build. In this talk, it will be argued that the approach taken to build secure hardware, that is adding security measures to thwart attacks, is fundamentally flawed because practical systems cannot be declared provably secure. Strangely, for security it is better to take away than to give. By removing the mechanisms used to implement attacks, it becomes possible to build large provably safe systems. The approach will be shown applied to code injection and timing-based side channels. While these "subtractive" approaches are powerful, it still remains to be seen if the techniques are composable and applicable to emerging hardware security threats.