News
Currently, no news are available
Security at the Hardware-Software Interface:
Information-Flow Tracking and Hardware-Software Contracts
Description
Spectre, Meltdown, and other microarchitectural attacks have been in the limelight in recent years. These attacks exploit subtle timing and behavioral differences of processors that are caused by microarchitectural optimizations such as caches and speculative execution to gain access to secret information.
How can we build systems that do not suffer from such vulnerabilities? Different communities have contributed related but distinct approaches to this question. In this course we will study work from two communities:
- Hardware information-flow tracking (IFT) determines how information propagates through hardware. It can be used to analyze a microarchitecture's information flows both dynamically and statically. We will study recent advances that make IFT applicable to modern processors.
- Hardware-software contracts capture potential information leakage due to microarchitectural side channels at the software level, enabling secure programming, e.g. of cryptographic algorithms, in a rigorous manner. We will study recent work to test and verify hardware-software contracts.
Each participant will give a presentation of an assigned paper, followed by a group discussion. All students are expected to read each paper carefully and to actively participate in the discussions. Each student will write a summary of the paper they have presented, including a general overview of the topic and reflecting the group discussion.
This is a combined proseminar and seminar with a total of 12 seats.
Requirements
Basic knowledge of computer architecture (e.g. due to System Architecture) is required.
Knowledge of security and formal methods is a plus, but not required.
Format
- Each student is assigned one of the two groups of papers:
- each student is designated as the presenter of one of the papers from his/her group (the presentation should be about 25 minutes long)
- each student needs to read all papers from his/her group and submit a one-page summary + 3 questions about each paper (excluding the paper he/she is presenting)
- The presenter of paper needs to deliver a talk draft to his/her advisor at least 24 days (hard deadline) prior to his/her scheduled talk. In the week before the talk, the presenter should also deliver a practice talk to his/her advisor.
- Summaries+questions have to be delivered 24 hours prior to the respective session.
- For the seminar students (and thus not the proseminar students), a seminar report (should summarize the paper and discuss it in the context of the other work studied in the seminar) is required in addition, to be delivered at the end of the term, 24.3.2026).
Grading Scheme
| Seminar | Proseminar | ||||
| Presentation | Rough presentation draft | 35% | 7% | 50% | 10% |
| Full set of slides | 7% | 10% | |||
| Actual presentation of paper | 21% | 30% | |||
| Summaries of other papers + questions | 20% | 30% | |||
| Participation during sessions | 15% | 20% | |||
| Seminar Report (Seminar students only) | 30% | ||||
Calendar
Six sessions of 1h30 each are planned:
- 1st session: Wednesday, 10.12.2025, 10-12 (tentative)
- 2nd session: Wednesday, 17.12.2025, 10-12 (tentative)
- 3rd session: Wednesday, 7.01.2026, 10-12 (tentative)
- 4th session: Wednesday, 14.01.2026, 10-12 (tentative)
- 5th session: Wednesday, 21.01.2026, 10-12 (tentative)
- 6th session: Wednesday, 28.01.2026, 10-12 (tentative)
- Seminar report delivery (only for Seminar students): 24.03.2026