BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//Talks.cam//talks.cam.ac.uk//
X-WR-CALNAME:Talks.cam
BEGIN:VEVENT
SUMMARY:Fast and Efficient Deployment of Security Defenses via Microcode C
 ustomization - Prof Ashish Venkat\, University of Virginia
DTSTART:20191111T093000Z
DTEND:20191111T103000Z
UID:TALK134728@talks.cam.ac.uk
CONTACT:Prof Simon Moore
DESCRIPTION:Maximizing performance has been a major driving force in the e
 conomics of the microprocessor industry.  However\, scaling performance wi
 thout considering security implications could have serious negative conseq
 uences\, as evidenced by the recent pile of lawsuits concerning Meltdown a
 nd Spectre attacks.  These events have highlighted the need to architect s
 ystems that can not only run at high speed\, but can also exhibit high res
 ilience against security attacks\, not just one or the other.\n\nThis talk
  will introduce context-sensitive decoding (CSD)\, a novel and transparent
  secure architecture that takes advantage of an already existing layer of 
 indirection implemented in modern ISAs -- the CISC-to-RISC micro-op transl
 ation interface\, to enable a whole suite of security defenses.  CSD is (1
 ) immediately universal\, requiring no patching of existing software\, (2)
  enforced at the microcode-level\, completely under-the-hood\, and is ther
 efore invisible to the attacker\, making it extremely hard to bypass\, and
  (3) offers significant flexibility through context-sensitive enforcement 
 of security checks for only security-critical code\, in stark contrast to 
 existing solutions that can either be always on or always off.\n\nThis tal
 k will further highlight two security defenses enabled by context-sensitiv
 e decoding.  The first defense\, context-sensitive fencing (CSF)\, enables
  the surgical injection of speculation fences into the dynamic execution s
 tream to mitigate transient execution attacks like Spectre\, while maintai
 ning acceptably high levels of performance.  The second defense enables a 
 transparent microcode-level capability-based addressing scheme to secure a
 pplications\, including legacy binaries\, against a wide array of temporal
  and spatial memory safety exploits\, without the need for recompilation o
 r binary translation.\n\nBio:\nAshish Venkat is an Assistant Professor in 
 the Department of Computer Science at the University of Virginia\, where h
 e joined after obtaining a Ph.D. from UC San Diego.  His research interest
 s are in the intersection of Computer Architecture\, Compilers\, and Compu
 ter Security\, with a focus on building high performance and secure proces
 sor architectures.  His work has been published at top-tier venues such as
  ISCA\, ASPLOS\, and HPCA\, and has been recognized as the runner-up of th
 e HPCA 2019 Best Paper Award\, and as an IEEE Micro Top Pick of all archit
 ecture papers published in 2018.  His dissertation research has been succe
 ssfully ported and transferred to the Cloud Platforms division of the IBM 
 Haifa Research Lab.
LOCATION:SS03\, Computer Laboratory\, William Gates Building
END:VEVENT
END:VCALENDAR