The Grainger College of Engineering
ACE Center for Evolvable Computing

Theme 4: Security, Privacy, and Correctness

The move toward an ecosystem rich in accelerators processing sensitive data calls for a rethink of security and correctness mechanisms. While the large majority of current security frameworks tie security properties to users, applications, or hardware/software systems, we need paradigms that are more data centric. Further, we will design new Trusted Execution Environments (TEEs) for accelerators. These will be  customized to the target accelerator,  evolvable to adapt to  changes in the environment, and, importantly, automatically generated by a compiler. We also propose comprehensive and principled verification approaches for security and privacy assurance of accelerators—such as RTL-level analysis to discover security vulnerabilities. Finally, as accelerators aim for short design-to-deployment timelines, we  will develop new techniques for their quick and thorough correctness verification.

A framework for RL-based fuzzing and RTL introspection for security verification of complex security properties.
A framework for RL-based fuzzing and RTL introspection for verification of complex security properties (Courtesy of Radu Teodorescu).

The computing infrastructure will include highly-heterogeneous distributed memory and storage resources. As workloads relentlessly increase their data needs, the memory reachable by processors as local memory will expand across an entire rack–creating a formidable memory wall that we will meet with novel processor structures and gracefully-degrading coherence mechanisms. To utilize heterogeneous memory and storage assets efficiently, we will develop new abstractions that allow applications to select the type of asset needed. Moreover, we will develop theory-grounded scalable algorithms to apportion these assets efficiently among thousands of competing applications in the datacenter and billions of allocation requests. Ubiquitous intelligent memory and storage blocks distributed across the memory hierarchy will be harnessed to operate in a coordinated manner.

Heterogeneous Intelligent Memory and Storage (IMS) blocks present in multiple locations of the memory hierarchy of a distributed machine.
Heterogeneous Intelligent Memory and Storage (IMS) blocks present in multiple locations of the memory hierarchy of a distributed machine (Courtesy of Steven Swanson).

Papers and Presentations:

TEESec: Pre-Silicon Vulnerability Discovery for Trusted Execution Environments

Moein Ghaniyoun, Kristin Barber, Yuan Xiao, Yinqian Zhang, Radu Teodorescu

International Symposium on Computer Architecture (ISCA)

10.1145/3579371.358907

 

Untangle: A Principled Framework to Design Low-Leakage, High-Performance Dynamic Partitioning Schemes

Zirui Neil Zhao, Adam Morrison, Christopher W. Fletcher, Josep Torrellas

International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS)

10.1145/3582016.3582033

 

2024

SoK Paper: Power Side-Channel Malware Detection
Alexander Cathis, Ge Li, Shijia Wei, Michael Orshansky, Mohit Tiwari, Andreas Gerstlauer
HASP '24: Proceedings of the International Workshop on Hardware and Architectural Support for Security and Privacy 2024
10.1145/3696843.3696849

 

Obsidian: Cooperative State-Space Exploration for performant inference on secure ML accelerators
Banerjee, Sarbartha & Wei, Shijia & Ramrakhyani, Prakash & Tiwari, Mohit.
10.48550/arXiv.2409.02817

 

SoK: A Systems Perspective on Compound AI Threats and Countermeasures
Sarbartha Banerjee, Prateek Sahu, Mulong Luo, Anjo Vahldiek-Oberwagner, Neeraja J. Yadwadkar, Mohit Tiwari
10.48550/arXiv.2411.13459

 

RLDetect: Using Reinforcement Learning for Timing Leakage Detection in Constant Time Security Primitives TECHCON
John P Ali, Radu Teodorescu, Carter Yagemann
TechCon 2024

 

MICROSAMPLER: A Framework for Microarchitecture-Level Leakage Detection in Constant Time Execution TECHCON
Moein Ghaniyoun, Kristin Barber, Saikat Majumdar, Tinqian Zhang, Radu Teordorescu
TechCon 2024

 

Quick, Thorough and Scalable Pre-Silicon Verification with G-QED
Saranyu Chattopadhyay and Subhasish Mitra
TechCon 2024

 

ConfusedPilot: Compromising Enterprise Information Integrity and Confidentiality with Copilot for Microsoft 365
Ayush RoyChowdhury, Mulong Luo, Prateek Sahu, Sarbartha Banerjee, Mohit Tiwari
10.48550/arXiv.2408.04870

 

RTL Verification for Secure Speculation Using Contract Shadow Logic
Qinhan Tan, Yuheng Yang, Thomas Bourgeat, Sharad Malik, Mengjia Yan
ASPLOS '25: Proceedings of the 30th ACM International Conference on Architectural Support for Programming Languages and Operating Systems, Volume 1
10.1145/3669940.3707243

 

Industrial Tutorial GQED for PreSilicon Verification
Subhasish Mitra, Saranyu Chattopadhyay, Mohammad Rahmani Fadiheh
Design and Verification Conference Europe 2024

 

NetBlocks: Staging Layouts for High-Performance Custom Host Network Stacks
Ajay Brahmakshatriya, Chris Rinard, Manya Ghobadi, Saman Amarasinghe
Proceedings of the ACM on Programming Languages, 8 (PLDI)
10.1145/3656396

 

Voltage Noise-Based Adversarial Attacks on Machine Learning Inference in Multi-Tenant FPGA Accelerators
Saikat Majumdar & Radu Teodorescu
 2024 IEEE International Symposium on Hardware Oriented Security and Trust (HOST)
10.1109/HOST55342.2024.10545401

 

NeuroBack: Improving CDCL SAT Solving using Graph Neural Networks
Wenxi Wang, Yang Hu, Mohit Tiwari, Sarfraz Khurshid, Kenneth McMillan, Risto Miikkulainen
ICLR '24

 

Fixing Privilege Escalations in Cloud Access Control with MaxSAT and Graph Neural Networks
Y. Hu, W. Wang, S. Khurshid, K. L. McMillan and M. Tiwari

38th IEEE/ACM International Conference on Automated Software Engineering (ASE)
10.1109/ASE56229.2023.00167

 

DINT: Fast In-Kernel Distributed Transactions with eBPF
Yang Zhou, Xingyu Xiang, Matthew Kiley, Sowmya Dharanipragada, Minlan Yu
NSDI'24: Proceedings of the 21st USENIX Symposium on Networked Systems Design and Implementation
10.5555/3691825.3691848