Bhagi
Narahari
Research Projects and Selected Publications
- Research Interests: Embedded
Systems,
Software security, Optimizing Compilers, Pervasive
Computing, Computer Architecture, Networks and
Distributed
Computing, Electronic Commerce
Research Projects
Hardware/Software
Approaches to Software
Security
The new-found ubiquity of embedded
processors in consumer and
industrial applications brings with it an intensified focus on
security, as a strong level of trust in the system software is crucial
to their widespread deployment. The growing area of software protection
attempts to address the key steps used by hackers in attacking a
software system. In this research, we explore an integrated
hardware-software approach to software security.
The
focus of our research is exploring the role of hardware in
creating more secure systems (with special focus on embedded systems)
and specifically the question of
how hardware
can assist us in providing secure platforms. Several problems and
projects are being considered in this research.
- Physical
Attacks: One of the problems we consider are attacks on secure
applications, such as military
applications, where software execution
takes place in an entirely encrypted form. While it is thought that
encrypted
execution effectively
deters
any kind of attack, we in fact show that several types of attacks of still
possible. Our research explores an integrated
hardware-software
co-design approaches that aim to combine novel techniques in the
areas of compilers, architecture and software security in order to provide a
high level of both security and adaptability by. By utilizing a secure
hardware coprocessor in the form of a reconfgurable logic (such as a
Field-Programmable
Gate Array - FPGA), we aim to provide solutions that do not require
re-design of the processor instruction set and can be implemented using
COTS technology. The secure hardware component
accelerates
execution of programs in a secure environment, while the reprogrammable
nature of FPGAs provides us with the flexibility to carry out
application specific
compiler-driven protections and therefore the ability to adapt the
security mechanism to the needs of the application.This research
is supported by grants from National Science Foundation
(NSF-ITR program) and Air Force Office of Scientific Research (AFOSR).
The project provides an architecture and compiler simulation
environment using the SimpleScalar suite, and provides prototype
implementation using the Xilinx Virtex II Pro family.
- Defense against Trojan Circuits:
We address the problem of
building a trusted execution environment using untrusted components. In
the most general version of this problem, chips that are manufactured
in untrusted foundries may include added circuitry to not only
compromise operation or leak keys, but to also enable
software-triggered attacks and to facilitate reverse engineering. The
current approach of using a custom-designed hardware platform is
unattractive both because of the sheer cost of maintaining a foundry as
well as the inability to exploit COTS components based on latest
technologies. Furthermore, Encrypted execution platforms, where
instructions and data are in encrypted form in the memory and decrypted
in the processor, do not provide a trusted secure platform under this
Trojan circuit attack model. We are thus led to consider the problem of
devising an architecture that: (1) uses untrusted components (chips)
from untrusted foundries; (2) has the ability to execute applications
in secure mode, and (3) creates barriers for the most sophisticated
kind of reverse engineering.Our approach to this problem can be
summarized as follows. We utilize a dual encryption protocol, a
two-processor architecture, and leverage a trusted tool-chain under the
supervision of architects and developers of the targeted secure
applications. One of these processors is configured as a gateway, while
the other is configured to emulate a variety of instruction sets.
Furthermore, the instruction sets are dynamically modifiable, as
directed by a smart compiler that
generates secure applications with the ability to switch instruction
sets at run-time. Our goal is to detect the moment that the Trojan
circuit “makes its move” and then to raise an alarm to the user. We
assume that the system itself is built in a secure trusted location and
that no collusion exists between foundries and system developers.
- Hardware
containers for Software Components:
One of
the motivations of this project relates to the manner in which software
is constructed: large software packages are built from components put
together from variety of sources. For example, the popular Firefox
browser is not only constructed from dozens of components worldwide,
but its design expressly allows for plugins to be installed by the
user. Anymalicious component can cause serious damage when incorporated
into the larger package. Thus, a developer who must use potentially
untrusted components, or must allow user plugins, can use our approach
to contain those components and entirely remove their ability to
improperly access memory or take over the CPU. We propose a
hardware-software platform that places each software component in a
conceptual hardware container (when the component is at a function
level), i.e., a hardware wrapper for an entire application, that checks
every memory access and tracks CPU cycles consumed by the
component. The architectural and compiler techniques we propose
are directed at any attack that makes an unauthorized memory access or
hijacks the CPU. These basic attacks are often the critical first step
in carrying out higher-level attacks. We propose the design of
primitives at the hardware/software interface to detect attacks,
through access violations, and to support automated software recovery
after an attack. We are designing a method to isolate software
modules into atomic units with strictly enforced checks on memory
operations. The architectural and software design techniques are
directed to thwart attacks that results in unauthorized access to
memory and to maximize the accountability of the modules where the
attack originated. We design a hardware unit to act as a reference
monitor and check each memory access for compliance to a strict
set of
rules. Our research focuses on how the hardware checker is build,
how
to derive the rules for typical software protection
policies. A system simulation is planned using Simics with GEMS for functional and micro
architectural simulations.
Compiler
Optimization for ILP Architectures
Recent architectures, such as
Intel's IA-64 family, are based on the
EPIC (Explicitly Parallel Instruction Computing) architecture. EPIC
processors
provide a large degree of hardware parallelism, but as opposed to
superscalar
processors, require that dependence analysis and scheduling be done
entirely
by the software -- thus making the role of the compiler even more
critical.
they require that parallelism be extracted by the compiler.Our projects
have focused on developing an Optimizing Assembler for EPIC
Architectures,
and developing a research compiler infrastructure for Intel's IA-64
processor. Funded in part by National Security Agency, under the LUCITE
program.
- SPASM: An Optimizing Assembler for EPIC/VLIW Architectures:
Numerous
statements
have been made concerning the feasibility of programming multi-unit
processors
at the assembly language level. This research, however, focuses on
the
development of techniques to support the development of an optimized
EPIC
assembler. This research explores methods to perform block formation,
register
allocation, instruction scheduling, and code generation using assembly
language source code as input. These topics form the foundation for the
development of optimizing assemblers for EPIC processors.
- TRITANIUM: This project developed a backend IA-64 code
generation
module
for the Trimaran Compiler Infrastructure -- called Tritanium.
This
infrastructure allows researchers to develop front end and backend
compiler
optimization techniques and test their effectiveness on Intel's Itanium
processor. Source code is downloadable at the
Tritanium Website.
Embedded
Systems
- Power-aware compiler toolset (funded by NASA and
Intelligent Automation Inc.) Goals: Design and
build a
compiler to optimize power consumption; investigate algorithms for
resource
allocation. The focus of our research is in the development of compiler
optimization techniques for embedded applications . Specifically, the
research
is investigating compiler techniques to minimize the power consumed by
memory devices on an embedded system.
- Rapid Prototyping Infrastructure for Embedded Networks (funded by
National Security Agency). The
research
goal
is to examine issues in developing platforms for future embedded
networks.
In particular, for larger nodes, a Java-based platform will provide the
advantages shared by Java development platforms for the desktop.
However,
such an approach requires careful examination of resource usage and
should
present the developer with the opportunity to exploit hardware.
Furthermore,
instead of re-writing a JVM for each new hardware, there is a need for
modularly constructing JVM’s to allow for software development to keep
pace with new hardware. This project examines the development of a
configurable
JVM for embedded systems.