Our website uses cookies to enable essential features and improve your browsing experience. Additionally, cookies enhance overall website functionality and user experience. By choosing I Accept, you agree to our use of non-essential cookies and other tracking technologies.

You have the ability to manage your settings or withdraw your consent at any time. We are committed to maintaining the privacy and security of your personal information. For detailed information on how we use cookies, including how to manage your privacy and preferences, please visit our cookie policy .
Developmentaid logo
Print
Print
Horizon Europe (2021 - 2027)

SecuStack: Securing the Leaky Hardware/Software Boundary: SecuStack

Last update: Dec 11, 2024 Last update: Dec 11, 2024

Details

Locations:Netherlands
Start Date:Apr 1, 2024
End Date:Mar 31, 2029
Contract value: EUR 1,500,000
Sectors:Information & Communication Technology, Research
 Information & Communication Technology, Research
Categories:Grants
Date posted:Dec 11, 2024

Associated funding

Associated experts

Description

Programme(s): HORIZON.1.1 - European Research Council (ERC)

Topic(s): ERC-2023-STG - ERC STARTING GRANTS

Call for proposal: ERC-2023-STG

Funding Scheme: HORIZON-ERC - HORIZON ERC Grants

Grant agreement ID: 101115046

 

Objective:
Problem: Side-channel leaks via timing, cache, and speculation can expose sensitive information across traditional isolation barriers, putting our data at risk. Unfortunately, despite decades-long attempts to eliminate these leaks, new attacks are discovered by the day. Fundamentally, this is due to the following mismatch: Today's hardware is extremely complicated because of its myriad fast paths and performance optimizations, yet, we reason about it based on coarse, implicit, and inaccurate models. This divide between model and reality results in leaks and inefficient systems that fail to keep our data safe. Aim: SecuStack wants to put an end to this seemingly endless cycle of new attacks and defenses through a radically new approach based on the following insight: To effectively secure computer systems against side-channel leaks, we need to know when the hardware leaks, at the level of gates, flip-flops, and wires. Approach: SecuStack will leverage this insight via the following four research tasks. First, the SecuStack team will automatically construct per-processor, ground-truth leakage models at the hardware level (T1). Next, we will use those models to describe leakage at the assembly (ISA) level (T2), which in turn will allow us to synthesize provably correct software defenses (T3). These steps build on research breakthroughs from my recent work. To remain feasible for a small team in a five- year timeframe, SecuStack will not target legacy toolchains but instead aim for a breakthrough in a tightly controlled setting, based on open-source RISC-V processors and a custom compilation toolchain. Finally, we will demonstrate immediate practical impact by implementing two challenging case studies: a silicon root of trust and an enclave monitor (T4). Impact: If successful, this ambitious effort will yield the first provably secure end-to- end timing, cache, and speculation safe systems and pave the way towards secure infrastructure for the future.

Want to unlock full information?
Member-only information. Become a member to access projects awards, find the right consortia partners, subcontractors and more.
Learn more about our membership benefits
Print