Project

A principled approach to cross-layer software and hardware design for security

Computer systems are built as abstractions layered on top of one
another, which lets engineers concentrate on the part of the system
they have expertise in. Hardware engineers and software engineers, for
instance, can work largely independently of each other.

The layered design approach has been extremely successful and has many
advantages, including portability and reuse of software and the
ability to hide and manage complexity, but it also has drawbacks. In
their Turing Award lecture, Hennessy and Patterson argue convincingly
that significant further improvements in some aspects of computer
systems, performance and security among them, will require vertically
integrated designs in which design decisions are coordinated across
abstraction layers. An important open question is how to achieve this
while retaining most of the benefits of layering.

This project develops a principled approach to vertically integrated,
cross-layer design for security. Traditional layer specifications
describe only the functionality a layer provides; the project extends
them with security specifications that state what a layer guarantees
to the layers above it and what it requires from the layers below it.
Such security specifications make it possible to design security
mechanisms at different layers in a coordinated way, yielding both
stronger security and a lower cost of security, since no layer has to
defend against threats that another layer already rules out. The
project will develop the formal foundations of this approach and
demonstrate its practical feasibility by applying it in two case
studies.

Date: 1 Jan 2022 → Today
Keywords: computer security, formal methods, trusted execution technology
Disciplines: Computer system security