Because corporations and governments rely on computers and the internet to run everything from the electric grid, healthcare, and water systems, computer security is extremely important to all of us.
It is increasingly being breached: numerous security hacks just this past month include the Colonial Pipeline security breach and the JBS Foods ransomware attacks where hackers took over the organization’s computer systems and demanded payment to unlock and release it back to the owners. The White House is strongly urging companies to take ransomware threats seriously and update their systems to protect themselves. Yet these attacks continue to threaten all of us on an almost daily basis.
Columbia Engineering researchers who are leading experts in computer security recently presented two major papers that make computer systems more secure. This new research, which has zero to little effect on system performance, is already being used to create a processor for the Air Force Research Lab.
“Memory safety has been a problem for nearly 40 years and numerous solutions have been proposed. We believe that memory safety continues to be a problem because it does not distribute the burden in a fair manner among software engineers and end-users,” said Simha Sethumadhavan, associate professor of computer science, whose research focuses on how computer architecture can be used to improve computer security. “With these two papers, we believe we have found the right balance of burdens.”
ZeRØ: A computer memory security solution
Computer security has been a long-standing issue, with many proposed systems workable in research settings but not in real-world situations. Sethumadhavan believes that the way to secure a system is to first start with the hardware and then, in turn, the software.
The urgency of his research is underscored by the fact that he has significant grants from both the Office of Naval Research and the U.S. Airforce, and his PhD students have received a Qualcomm Innovation Fellowship to create practical security solutions.
Sethumadhavan’s group noticed that most security issues occur within a computer’s memory, specifically pointers. Pointers are used for…