Seminar Series - Secure Low-Level Programming with Compiler/Hardware Assisted Memory Safety

Speaker: Santosh Nagarakatte, University of Pennsylvania
Date: Wednesday, February 22, 2012
Time: 11:15am-12:15pm
Location: 110 McBryde

Many security vulnerabilities and memory corruption bugs stem from a design flaw in the C programming language: its lack of memory safety. Although modern languages such as Java avoid such problems by enforcing memory safety, most low-level systems code that exists today is written in C or C++. In this talk I will describe the challenges of efficiently retrofitting legacy C code with full memory safety and our solutions to those challenges. Specifically, I will describe both software-only compiler transformations and hardware-assisted approaches. These techniques keep the bounds metadata disjoint from the pointers themselves, providing efficient and highly compatible memory safety for legacy C source code and eliminating an entire class of security vulnerabilities. Finally, I will conclude with an overview of my future research spanning the hardware-software interface in building safe and secure computing systems.
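As an added example (not code from the talk or from the speaker's own systems), the C sketch below shows the disjoint-metadata idea in miniature: each pointer's base and bound live in a separate table keyed by the address where the pointer is stored, so the pointer's in-memory layout is unchanged, and every access is checked against that metadata. The helpers meta_set, meta_copy and check_access are hypothetical names standing in for the calls a compiler pass would insert at pointer creation, pointer copy and dereference.

```c
#include <assert.h>
#include <stddef.h>

/* Bounds metadata for one pointer: the object it may legally access. */
typedef struct { const char *base; const char *bound; } bounds_t;

/* Disjoint metadata table, keyed by the address at which the pointer value
 * is stored (a simplified, fixed-size stand-in for shadow memory). */
#define SLOTS 64
static struct { const void *loc; bounds_t b; } table[SLOTS];
static size_t used;

static bounds_t *lookup(const void *loc) {
    for (size_t i = 0; i < used; i++)
        if (table[i].loc == loc) return &table[i].b;
    return NULL;
}

/* Inserted where a pointer stored at loc is created from an allocation. */
void meta_set(const void *loc, const void *base, size_t len) {
    bounds_t *b = lookup(loc);
    if (!b) { assert(used < SLOTS); table[used].loc = loc; b = &table[used++].b; }
    b->base = (const char *)base;
    b->bound = b->base + len;
}

/* Inserted where a pointer is copied (*dst = *src): metadata travels with it. */
void meta_copy(const void *dst, const void *src) {
    bounds_t *b = lookup(src);
    if (b) meta_set(dst, b->base, (size_t)(b->bound - b->base));
}

/* Inserted before each dereference: is [p, p+size) inside the bounds recorded
 * for the pointer stored at loc? Returns 1 if safe, 0 if it would overflow. */
int check_access(const void *loc, const void *p, size_t size) {
    bounds_t *b = lookup(loc);
    if (!b) return 0;                        /* no metadata: treat as unsafe */
    const char *q = (const char *)p;
    return q >= b->base && q <= b->bound && size <= (size_t)(b->bound - q);
}

/* Constructed demonstration: a 16-byte buffer, a derived pointer into it, and
 * one access just inside the object followed by one just past its end. */
int demo_overflow_detected(void) {
    char buf[16];
    char *p = buf, *alias;
    meta_set(&p, buf, sizeof buf);
    alias = p + 8;
    meta_copy(&alias, &p);                   /* arithmetic keeps the same bounds */
    int ok_in  = check_access(&alias, alias + 7, 1);   /* buf[15]: allowed */
    int ok_out = check_access(&alias, alias + 8, 1);   /* buf[16]: rejected */
    return ok_in && !ok_out;
}
```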

Santosh Nagarakatte is a PhD candidate and a member of the Architecture and Compilers (ACG) group at the University of Pennsylvania, advised by Prof. Milo Martin. His research interests include compilers, programming languages, and computer architecture. He received the IEEE Micro Top Picks paper award in 2009.