Cyber Security Seminar: Trustworthy software systems
Pramod Bhatotia, Associate Professor (Reader), University of Edinburgh
University of Bristol, Merchant Venturers Building, Room 0.3, Woodland Road, Bristol.
In this digital age, we are increasingly relying on modern online services and cyber-physical systems that are based on "data-driven intelligence". These intelligent applications require a high degree of reliability, real-time performance, scalability, and security. The state of the art for designing, developing, and deploying such applications follows ad hoc practices, where the application programmers explicitly manage computational resources and application state on a per-application basis. However, such ad hoc practices easily become unmanageable because the underlying computing infrastructure, composed of cloud and edge/IoT computing resources, is highly heterogeneous, and it comes with varying degrees of performance, cost, reliability, and security guarantees. Our work aims to build an end-to-end generic system that supports the design, development, and deployment of a wide range of data-driven intelligent applications, where the application programmers, such as machine learning experts or data scientists, can focus on their core business logic/algorithms, and our system transparently provides all the aforementioned desired functional properties.
More specifically, I will present four system design principles for trustworthy software systems: (1) Scalability: How to seamlessly support ever-growing application workloads with an increasing number of cores while, at the same time, embracing the heterogeneity in the underlying computing platform; (2) Reliability: How to leverage new ISA extensions to build reliable software systems; (3) Security: How to build secure systems for the underlying untrusted computing infrastructure using a combination of trusted execution environments (TEEs) and a small trusted computing base (TCB); and (4) Performance: How to achieve real-time performance using incremental and approximate computing paradigms.
As I will show in the talk, we follow these design principles at all levels of the software stack covering operating system, storage/file-system, compiler and run-time libraries, and all the way to building distributed middleware. More importantly, our approach transparently supports existing applications -- we neither require a radical departure from the current models of programming nor complex, error-prone application-specific modifications.
To register for this free event, please click here.