Computer Engineering Seminar
Secure Low-Level Programming via Hardware-Assisted Memory-Safe C
Add to Google Calendar
Many security vulnerabilities and memory corruption bugs stem from a design flaw in the C programming language: its lack of memory bounds checking. Although modern languages such as Java avoid such problems by enforcing memory safety, most low-level systems code that exists today is written in C or C++. In this talk I will describe both the significant obstacles to efficiently retrofitting legacy C code with complete bounds checking and the solutions my group has been developing to meet these challenges. Specifically, we have proposed a hardware-assisted approach (HardBound) and a software-only compiler-based implementation (SoftBound), both of which use disjoint storage of pointer metadata to provide efficient and highly compatible bounds checking for legacy C source code.
Milo Martin is an Assistant Professor in the Computer and Information Science Department at the University of Pennsylvania. His research focuses on making computers easier to design, verify, and program. Specific projects include transactional memory, adaptive cache coherence protocols, hardware-aware verification of concurrent software, and hardware-assisted memory-safe implementations of the C programming language. Dr. Martin is a recipient of the NSF CAREER award and received a PhD from the University of Wisconsin-Madison.