Computing Community Consortium Blog

The goal of the Computing Community Consortium (CCC) is to catalyze the computing research community to debate longer range, more audacious research challenges; to build consensus around research visions; to evolve the most promising visions toward clearly defined initiatives; and to work with the funding organizations to move challenges and visions toward funding initiatives. The purpose of this blog is to provide a more immediate, online mechanism for dissemination of visioning concepts and community discussion/debate about them.

NSF Workshop Report on Side and Covert Channels in Computing Systems

March 11th, 2019 / in Announcements, CCC, NSF / by Helen Wright

This is a blog post by CCC Chair Mark D. Hill of the University of Wisconsin-Madison

As readers on the CCC blog know, the Meltdown and Spectre microprocessor design flaws revealed in early 2018 made clear that many, if not most, computer systems can leak sensitive information via implementation timing “channel.” Fortuitously and concurrent with this revelation, the US National Science Foundation had commissioned a March 2018 workshop on “Side and Covert Channels in Computing Systems” led by Guru Prasadh Venkataramani of George Washington University and Patrick Schaumont of Virginia Tech.

The report has just been issued. It provides too many research recommendations to summarize here, but let me whet your appetite with a few samples. These may be obvious to experts, but I suspect that they are less well appreciated broadly:

  • While CPU timing attacks are now well known, graphics processing units (GPUs) and other accelerators (e.g. ML) can also be vulnerable.
  • Many mitigation techniques require software-hardware co-design, as software-only can be slow and hardware-only inflexible.
  • Developing taxonomies can be useful for spotting gaps.
  • Systems that can be physically accessed (not just remote like cloud computers) are even harder to protect.
  • Internet of Things (IoT) devices are a particular concern due to possible physical access, long-life without patching, and containing sensitive information that can be used elsewhere.

These recommendations are a start, but we all need to talk and work together to ensure progress.

Other recent, CCC activity includes the Aug 12-13, 2018 Leadership in Embedded Security Workshop as well as the February 2019 AAAS panel on Cybersecurity: Transcending Physics, Technology, and Society.

Disclaimer: Posts on this blog report on happenings, opportunities, and issues that arise in the broad computing research community, and do not necessarily reflect the opinion of the CCC or the National Science Foundation.


Related posts:

  1. Interdisciplinary Research Challenges in Computer Systems (NSF Workshop Report)
  2. Nanotechnology-Inspired Information Processing Systems Workshop Report
  3. NSF Workshop Report on Grand Challenges in Edge Computing
  4. NSF Workshop to Identify Interdisciplinary Data Science Approaches and Challenges to Enhance Understanding of Interactions of Food Systems with Energy and Water Systems
  5. CCC Quantum Computing Workshop Report and NSF Quantum Solicitation
NSF Workshop Report on Side and Covert Channels in Computing Systems

Tags:

Comments are closed.