ERC Advanced Grant HYDRANOS

Motivation

  • Increasing crucial hardware vulnerabilities, particularly those that can be exploited by (remote) unprivileged software
  • However, existing defences are: ad-hoc, highly limited, inefficient and customized
  • Challenge: A fundamental solution requires modification of hardware which is currently not possible post-fabrication

Our vision in the ERC project HYDRANOS: A radically new security approach to overcome the current ad-hoc solution culture

HYDRANOS: Our Vision for Future of SoC Security Design

HYDRANOS presents an innovative vision centered around hardware-assisted adaptive security, signifying a paradigm shift in empowering adaptable security solutions for upcoming computing systems. Our primary objective is conceptualizing, creating, and assessing dedicated and customizable hardware components embedded within the System-on-Chip (SoC) architecture. This hardware will facilitate the post-fabrication reconfiguration of fundamental security-oriented components, offering robust mitigation against emerging attack vectors.

In addition, HYDRANOS is committed to developing a groundbreaking fuzzer meticulously tailored to pinpoint vulnerabilities spanning multiple layers within computing systems during the design phase. We aim to address critical security gaps preemptively by focusing on these cross-layer weaknesses.

The impact of HYDRANOS on establishing a foundation for trustworthy computing is profound. By its very nature, it introduces a dynamic and adaptable framework capable of effectively countering present and future cross-layer security threats that target systems of paramount importance. Through our endeavors, we aspire to contribute pioneering research that paves the way for resilient and future-proof security solutions. The outcomes of our efforts will be showcased on open-source hardware, extensively embraced by both academia and industry. We remain dedicated to providing our results to the broader research community, fostering an environment of open collaboration and third-party validation

Challenges

  • Identification and mapping of security-relevant elements to configurable units
  • Optimization strategies for security, performance, power & area trade-off of configurable units
  • Validation of configuration strategies, also exploring novel hardware fuzzing methods
  • Providing first open platform with adaptive security

Publications

  1. Rostami, Mohamadreza and Chilese, Marco and Zeitouni, Shaza and Kande, Rahul and Rajendran, Jeyavijayan and Sadeghi, Ahmad-Reza (2024):
    Beyond Random Inputs: A Novel ML-Based Hardware Fuzzing 27. IEEE Design, Automation and Test in Europe Conference (DATE ‘24), Valencia, Spain, 25. – 27. March 2024, [Conference or Workshop Item]
  2. Gohil, Vasudev, Rahul Kande, Chen Chen, Ahmad-Reza Sadeghi, and Jeyavijayan Rajendran. “MABFuzz: Multi-Armed Bandit Algorithms for Fuzzing Processors.” arXiv preprint arXiv:2311.14594 (2023). Link
  3. Chen, Chen, Vasudev Gohil, Rahul Kande, Ahmad-Reza Sadeghi, and Jeyavijayan Rajendran. “PSOFuzz: Fuzzing Processors with Particle Swarm Optimization.” In 2023 IEEE/ACM International Conference on Computer Aided Design (ICCAD), pp. 1-9. IEEE, 2023. Link
  4. Chen, Chen, Rahul Kande, Nathan Nyugen, Flemming Andersen, Aakash Tyagi, Ahmad-Reza Sadeghi, and Jeyavijayan Rajendran. “HyPFuzz: Formal-Assisted Processor Fuzzing.” arXiv preprint arXiv:2304.02485 (2023). Link
  5. Kande, Rahul, Addison Crump, Garrett Persyn, Patrick Jauernig, Ahmad-Reza Sadeghi, Aakash Tyagi, and Jeyavijayan Rajendran. “{TheHuzz}: Instruction Fuzzing of Processors Using {Golden-Reference} Models for Finding {Software-Exploitable} Vulnerabilities.” In 31st USENIX Security Symposium (USENIX Security 22), pp. 3219-3236. 2022. Link
  6. Chen, Chen, Rahul Kande, Pouya Mahmoody, Ahmad-Reza Sadeghi, and J. V. Rajendran. “Trusting the trust anchor: towards detecting cross-layer vulnerabilities with hardware fuzzing.” In Proceedings of the 59th ACM/IEEE Design Automation Conference, pp. 1379-1383. 2022. Link
  7. Jauernig, Patrick, Domagoj Jakobovic, Stjepan Picek, Emmanuel Stapf, and Ahmad-Reza Sadeghi. “DARWIN: Survival of the Fittest Fuzzing Mutators.” arXiv preprint arXiv:2210.11783 (2022). Link
  8. Dessouky, Ghada, Alexander Gruler, Pouya Mahmoody, Ahmad-Reza Sadeghi, and Emmanuel Stapf. “Chunked-cache: On-demand and scalable cache isolation for security architectures.” arXiv preprint arXiv:2110.08139 (2021). Link
  9. Kenjar, Zijo, Tommaso Frassetto, David Gens, Michael Franz, and Ahmad-Reza Sadeghi. “{V0LTpwn}: Attacking x86 processor integrity from software.” In 29th USENIX Security Symposium (USENIX Security 20), pp. 1445-1461. 2020. Link
  10. Dessouky, Ghada, Tommaso Frassetto, and Ahmad-Reza Sadeghi. “{HybCache}: Hybrid {Side-Channel-Resilient} caches for trusted execution environments.” In 29th USENIX Security Symposium (USENIX Security 20), pp. 451-468. 2020. Link
  11. Dessouky, Ghada, Shaza Zeitouni, Ahmad Ibrahim, Lucas Davi, and Ahmad-Reza Sadeghi. “CHASE: A configurable hardware-assisted security extension for real-time systems.” In 2019 IEEE/ACM International Conference on Computer-Aided Design (ICCAD), pp. 1-8. IEEE, 2019. Link
  12. Dessouky, Ghada, David Gens, Patrick Haney, Garrett Persyn, Arun Kanuparthi, Hareesh Khattri, Jason M. Fung, Ahmad-Reza Sadeghi, and Jeyavijayan Rajendran. “{HardFails}: Insights into {Software-Exploitable} Hardware Bugs.” In 28th USENIX Security Symposium (USENIX Security 19), pp. 213-230. 2019. Link

Acknowledgement

We would like to express our deep gratitude to the European Research Council (ERC) for funding our project HYDRANOS within the prestigious ERC Advanced Grant Program. Their support and belief in our research have enabled us to embark on this exciting journey of exploration and discovery for a adaptive security-by-design for the next generation SoCs. We are truly honored and grateful for this opportunity to advance knowledge and contribute to the scientific community.
europe, flag, countries-151606.jpg