In the last half-decade, several critical security vulnerabilities (like Spectre, Rowhammer, Cache Side-Channels, etc.) have been discovered in computing hardware, affecting billions of computers. These vulnerabilities enable malicious actors to steal sensitive data, tamper critical data, and even take control of the computing system. Notably, these issues are likely to become more severe in the future as transistor scaling approaches physical limits and computing systems become even more shared at scale. Therefore, security is poised to be a first-order metric for hardware and systems of this decade and beyond.
In this talk, I will describe how we can rethink security for hardware using principled randomization to defend against two high-profile hardware vulnerabilities: (1) Side-channels in processor caches and (2) Rowhammer attacks on main memories. First, I will describe MIRAGE (USENIX Security 2021), a practical and secure last-level-cache design. MIRAGE provides a principled abstraction of a fully-associative randomized cache and fundamentally eliminates cache side-channel attacks. Second, I will show how Rowhammer-based fault-injection attacks on memories can be eliminated through principled remapping of attacked rows (ASPLOS 2022). Finally, I will briefly highlight my other contributions in systems security — including memory safety, fuzzing, and new side-channel attacks. I will conclude with directions for future work on two key paradigms, “security for hardware” and “hardware for security”, that are geared towards enabling a secure, scalable, and efficient computing ecosystem.
Gururaj Saileshwar is a Ph.D. candidate in Electrical and Computer Engineering at Georgia Tech. His research bridges computer architecture and systems security. He has enabled principled, low-cost, and practical security solutions for current and future hardware. Through several industry internships, his work has influenced real-world products such as ARM’s Confidential Compute Architecture and IBM’s support for memory safety primitives in future Power and Z processors. His work has also influenced Microsoft’s efforts at mitigating transient execution attacks. Saileshwar has been recognized with a Georgia Tech (IISP) Cybersecurity Fellowship and a Georgia Tech (ECE) Bourne Fellowship. He has also been a Finalist in the Microsoft Research and Qualcomm Innovation Fellowships. His work has been recognized with an IEEE Micro Top Picks Honorable Mention and has appeared in top architecture, systems, and security venues like ASPLOS, MICRO, HPCA, USENIX Security, and CCS.