CIS 700-002: Software & Hardware Support for Memory Safety Fall 2021

Course Information

instructor: Joe Devietti
when: TR 10:15-11:45am
where: Levine 512 & zoom
contact: piazza, canvas
office hours: TBD

Course Description

This course is a PhD-level seminar on computer security research from the computer architecture and programming languages communities, with particular emphasis on providing memory safety and related properties. Over the course of the semester, you will complete two homework assignments in which you develop code to exploit the shortcomings of various memory safety enforcement mechanisms. You will also complete an independent project (alone, or in a group if desired) exploring a new idea of yours in the space of hardware and/or software support for security.

The course requires that students are comfortable with computer architecture, the C programming language, an assembly language, and building and running software in a Linux command-line environment.

Course Schedule

Note: this schedule is subject to change.

Date | Topic | Presenter
--- | --- | ---
Tuesday 31 August | Course Overview |
Thursday 2 September | Penn closed due to flooding |
Tuesday 7 September | No class: Rosh Hashanah |
Thursday 9 September | Super Mario World memory corruption; Trends, Challenges, and Strategic Shifts in the Software Vulnerability Mitigation Landscape [slides] by Matt Miller | Joe D
Tuesday 14 September | The geometry of innocent flesh on the bone: return-into-libc without function calls (on the x86) by Hovav Shacham. CCS 2007 | Joe D
Thursday 16 September | No class: Yom Kippur |

Software Techniques

Date | Topic | Presenter
--- | --- | ---
Tuesday 21 September | UniSan: Proactive Kernel Memory Initialization to Eliminate Data Leakages by Kangjie Lu, Chengyu Song, Taesoo Kim, and Wenke Lee. CCS 2016 | Kelvin
Thursday 23 September | Using Valgrind to detect undefined value errors with bit-precision by Julian Seward and Nicholas Nethercote. Usenix ATC 2005 | Joe D
Tuesday 28 September | AddressSanitizer: A Fast Address Sanity Checker by Konstantin Serebryany, Derek Bruening, Alexander Potapenko and Dmitry Vyukov. Usenix ATC 2012 | Bhavana
Thursday 30 September | MemorySanitizer: Fast detector of uninitialized memory use in C++ by Evgeniy Stepanov and Konstantin Serebryany. CGO 2015 | Yuxuan
Tuesday 5 October | A Guide to Undefined Behavior in C and C++, Part 1, Part 2, Part 3 by John Regehr; Improving Application Security with UndefinedBehaviorSanitizer (UBSan) and GCC by Diane Meirowitz |
Thursday 7 October | Control-Flow Integrity by Martín Abadi, Mihai Budiu, Úlfar Erlingsson and Jay Ligatti. CCS 2005 | Bhavana
Tuesday 12 October | Code-Pointer Integrity by Volodymyr Kuznetsov, László Szekeres, Mathias Payer, George Candea, R. Sekar and Dawn Song. OSDI 2014 | Kelvin
Thursday 14 October | No class: Fall Break |
Tuesday 19 October | Efficient Detection of All Pointer and Array Access Errors by Todd Austin, Scott Breach and Guri Sohi. PLDI 1994 | Pardis
Thursday 21 October | SoftBound: Highly Compatible and Complete Spatial Memory Safety for C by Santosh Nagarakatte, Jianzhou Zhao, Milo M.K. Martin and Steve Zdancewic. PLDI 2009 | Calvin
Tuesday 26 October | CETS: Compiler Enforced Temporal Safety for C by Santosh Nagarakatte, Jianzhou Zhao, Milo M.K. Martin and Steve Zdancewic. ISMM 2010 | Irene
Thursday 28 October | Low-Fat Pointers: Compact Encoding and Efficient Gate-Level Implementation of Fat Pointers for Spatial Safety and Capability-based Security by Albert Kwon, Udit Dhawan, Jonathan M. Smith, Thomas F. Knight, and Andre DeHon. CCS 2013 | Kelvin
Tuesday 2 November | EffectiveSan: Type and Memory Error Detection using Dynamically Typed C/C++ by Gregory J. Duck and Roland H. C. Yap. PLDI 2018 | Pardis

Hardware Techniques

Date | Topic | Presenter
--- | --- | ---
Thursday 4 November | Watchdog: Hardware for Safe and Secure Manual Memory Management and Full Memory Safety by Santosh Nagarakatte, Milo M.K. Martin and Steve Zdancewic. ISCA 2012 | Irene
Tuesday 9 November | Intel MPX Explained: A Cross-layer Analysis of the Intel MPX System Stack by Oleksii Oleksenko, Dmitrii Kuvaiskii, Pramod Bhatotia, Pascal Felber, and Christof Fetzer. SIGMETRICS 2018; Intel deprecation announcement |
Thursday 11 November | An Introduction to CHERI by Robert N. M. Watson, Simon W. Moore, Peter Sewell and Peter G. Neumann. 2019 | Will
Tuesday 16 November | ARM Memory Tagging Extension and How It Improves C/C++ Memory Safety by Kostya Serebryany. Usenix ;login: Summer 2019 | Calvin
Thursday 18 November | How to Survive the Hardware Assisted Control-Flow Integrity Enforcement [slides] by Jin Liu, Bing Sun and Chong Xu. Black Hat Asia 2019 | Joe D
Tuesday 23 November | No class: ISCA deadline |
Thursday 25 November | No class: Thanksgiving |
Tuesday 30 November | libmpk: Software Abstraction for Intel Memory Protection Keys (Intel MPK) by Soyeon Park, Sangho Lee, Wen Xu, Hyungon Moon and Taesoo Kim. Usenix ATC 2019 | Yuxuan

New Languages

Date | Topic | Presenter
--- | --- | ---
Thursday 2 December | Cyclone: A Safe Dialect of C by Trevor Jim, Greg Morrisett, James Cheney, Dan Grossman, Michael Hicks and Yanling Wang. Usenix ATC 2002 | Pardis
Tuesday 7 December | Rust: Putting Ownership to Use by Niko Matsakis. Curry On 2017 | Bhavana
Thursday 9 December | Project Presentations |