Applied Security Research

After the discovery of Spectre and Meltdown, the processor, operating system, and compiler vendors were forced to take on the challenging task of analyzing microarchitectural CPU behavior in a security context in order to develop mitigations. Hardware information flow tracking can assist in reasoning about the impact of opaque low-level hardware features on isolation guarantees made at higher abstraction levels (ex. the programmer's view). Tortuga Logic has been developing a methodology in collaboration with a large processor vendor to detect Spectre and Meltdown type vulnerabilities pre-silicon during simulation and emulation. While at Tortuga Logic I was the lead security researcher on this project and was responsible for formulating Spectre and Meltdown detection in terms of information flow rules.

At Tortuga Logic I also participated in developing methodologies for detecting illegal key flows in security subsystems, verifying on-chip bus access control policies, and ensuring proper clearing of sensitive data in resources shared between different trust levels. These strategies were developed for customers and demonstrated in the context of their design.

I am constantly learning about the challenges industry faces in the quest to develop SoCs that are complex and feature-rich but also secure.