[Ukfreebsd] Fwd: [oshug] OSHUG #59 — CHERI CPU, Adding Security to Compilers, Trust & Provenance in Open Data, Thursday 27th July.

Sevan Janiyan venture37 at geeklan.co.uk
Tue Jul 18 20:38:53 BST 2017




Begin forwarded message:

> From: Andrew Back <andrew at abopen.com>
> Date: 18 July 2017 19:28:51 BST
> To: "oshug at oshug.org" <oshug at oshug.org>
> Subject: [oshug] OSHUG #59 — CHERI CPU, Adding Security to Compilers, Trust & Provenance in Open Data, Thursday 27th July.
> Reply-To: Open Source Hardware User Group Discussion List <oshug at oshug.org>
> 
> 
> Hello,
> 
> Registration is now open for the fifty-ninth meeting, featuring talks on
> trust and provenance in Open Data at GDS, adding security to compilers
> (LADA project and SECURE project), extending a RISC ISA to add
> capability enhancements for improved security (CHERI project).
> 
> A big thanks to Sevan Janiyan and Andy Bennett for arranging this meeting!
> 
> Details and registration link below.
> 
> Cheers,
> 
> Andrew
> 
> //
> 
> OSHUG #59 — CHERI CPU, Adding Security to Compilers, Trust & Provenance
> in Open Data.
> 
> On the 27 July 2017, 18:00 - 21:00 at BCS London, 1st Floor, The
> Davidson Building, 5 Southampton Street, London, WC2E 7HA.
> 
>  Registration: http://oshug.org/event/59
> 
> After a brief hiatus we return this month for an evening of talks on the
> topics of trust and provenance in Open Data at GDS, adding security to
> compilers (LADA project and SECURE project), extending a RISC ISA to add
> capability enhancements for improved security (CHERI project).
> 
> — Trust and provenance in Open Data
> 
> T.B.A.
> 
> — Adding security to compilers
> 
> Information leakage via side channels is a widely recognised threat to
> cyber security. In particular small devices are known to leak
> information through physical channels, i.e. power consumption,
> electromagnetic radiation, and timing behaviour. Serveral implementation
> techniques and countermeasures are arising nowadays against this kind of
> threaths, but still only fully equipped testing labs with skilled people
> can afford to test new implementations against leakage attacks. We will
> focus on the information leakage due to timing behaviour and the
> possibility of 'cache-based' timing attacks. Then we will discuss about
> my work in the context of two projects (LADA project and SECURE project)
> which aim at bringing the skill of a testing lab to the desk of a
> developer of standard consumer devices, without the need for domain
> specific knowledge through the development of open source compilers.
> 
> * Paolo Savini is an Intern Compiler Engineer at Embecosm Ltd working on
> the SECURE Project, where he is helping to bring the next generation of
> secure programming techniques to open source compilers. Prior to joining
> Embecosm he cooperated with the LADA project at the University of
> Bristol in order to explore the possility of creating compiler tools to
> help improve implementation of cryptography. Paolo is currently
> graduating at the University of Pavia (Italy), where he achieved a
> Bachelor degree in Electronic and Computer Engineering.
> 
> — The CHERI CPU: Hardware-software co-design for security
> 
> This talk will introduce the CHERI CPU and associated C/C++ compiler
> stack. Various design decisions in the project were made based on the
> needs of programming languages to support real-world code and the
> requirements of hardware implementation. The C specification is
> intentionally vague and it would be very easy to create a conforming
> implementation of the language if this were the only requirement, but a
> C environment is only as good as the code that it runs. In the CHERI
> project, we have investigated a number of common C idioms and ensured
> that these can be supported by our hardware, while simultaneously
> allowing fine-grained memory safety and coarser-grained
> compartmentalisation of C programs.
> 
> * David Chisnall is a Senior Research Associate at the University of
> Cambridge. His primary research interest is safe interoperability
> between programming languages. Most recently, he has been working on
> this in the context of the CHERI project, creating an implementation of
> the C programming language that can be used safely in the same process
> as languages with stricter safety guarantees. He presented a case study
> of this, allowing Java and C code to coexist in the same process without
> violating any of the JVM's safety and security guarantees at ASPLOS
> earlier this year. David is an active open source contributor, having
> been an LLVM committer since 2008, a member of the FreeBSD Core Team for
> two successive terms, and the author / maintainer of widely deployed
> Objective-C and C++ runtime libraries.
> 
> Note: Please aim to arrive by 18:15 as the event will start at 18:30 prompt.
> 
> -- 
> Andrew Back
> http://abopen.com
> 
> _______________________________________________
> oshug mailing list
> oshug at oshug.org
> http://oshug.org/cgi-bin/mailman/listinfo/oshug


More information about the Ukfreebsd mailing list