New Software Abstractions for Hardware Security Technology

Symbolic picture for the article. The link opens the image in a large view.
Just in time before the new term starts, Prof. Pascal Felber in cooperation with  ETH Zürich and co-organizers Prof. Rüdiger Kapitza and Prof. Christof Fetzer invite to a Workshop at Monte Verità. From our chair Prof. Rüdiger Kapitza, Thomas Preisner and Maxim Ritter von Onciul participated in the workshop. Jonas Röckl and Matti Schulze from the chair of IT-Security joined us on this trip. We left at 06:42 AM in Erlangen and at  07:16 AM in Nürnberg on Sunday October 1st ’23. We arrived early enough in a beautiful scenery and had some spare time to drop our stuff in the hotel rooms before we joined the welcome reception. The food at site was great and I won’t go into details here. On Monday, the workshop actually began. The first talk was an introduction to the dangers of abstraction. Security-sensitive vulnerabilities occur, when abstractions break. For example when caching and speculative code execution interact and all of a sudden, malicious users can read memory that they are not supposed to read. Both, caches and speculative execution, are abstractions that a systems engineer should not be worried about, but now they have to close this broken abstraction. Quote: “Security depends on your code and everything else. To build secure systems you must know everything.” Many good talks about various aspects of confidential computing. Some examples: Trusted Execution Environments on RISC-V, introductions to CHERI, Arm CCA or Intel TDX. After almost two full days of talks, we split into four groups to discuss the future of our research domain. This discussion concluded the official part of the workshop. On Wednesday, some more senior PhD students presented their research in very brief talks. Some of them surprisingly granted some additional aspects and insights about the topic. Right before lunch, the organizers concluded the workshop and everyone headed back home. On our way home, we concluded this workshop to have been very beneficial for our individual research and we were happy to meet some names on important papers in person.