Reliability and Security in Modern Microprocessors

Naghmeh Karimi, Rutgers University
1:00pm 11:30am Wednesday, 9 March 2016, ITE 325b

The rapidly shrinking feature size and exponentially growth of the complexity of integrated circuits continue to give rise to various design robustness concerns, as well as the cost and complexity of semiconductors’ fabrication process making almost all semiconductor design companies outsource their fabrication to possibly untrusted third parties. Such globalization of IC design flow jeopardizes the security and trustworthiness of ICs and introduces new security vulnerabilities. Thereby, as the transistors pave their way towards miniaturization, reliability and trustworthiness of ICs and in particular microprocessors turn into major design constraints.

This talk will focus on robustness and security of microprocessors. It shows that applying generic robustness solutions for microprocessors, due to their high degree of application-level error masking, is cost prohibitive. The talk will explore how the workload-cognizant analysis of the impact of various malfunctions in modern processors effectively guides in identifying the most vulnerable functionality of the processors and developing robustness solutions for them. Then, the talk will focus on assuring the security of microprocessors and guarantying their proper functionality against malicious security vulnerabilities. In particular, the first physical attack that imposes processor malfunction through IC aging acceleration will be presented and the methods to prevent such attack will be discussed. Finally, security vulnerabilities of processor memory units using emerging memory technologies will be investigated and a hardware intrinsic encryption technique to assure the security of the stored data in such memories will be presented.

Dr. Naghmeh Karimi is currently a Teaching Assistant Professor at the ECE Department of Rutgers University. She received the Ph.D. degree in electrical engineering from University of Tehran in 2010 while conducting research for 2 years at Yale University as a visiting research assistant. She was a visiting researcher at Yale University (2007-2009), a postdoctoral researcher at Duke University (2011-2012), and a visiting Assistant Professor at New York University (2012-2014). Dr. Karimi’s research interests include hardware security and trustworthy ICs, Design-for-Security, Design-for-Reliability, Design-for-Testability, Computer Architecture and VLSI design and test. She has published over 30 papers in major journals and conference proceedings and authored three book chapters. She has also served as a program committee member for major international conferences in her area of research including the IEEE International Test Conference (ITC) and IEEE International Conference on VLSI Design.

Learning from High-Dimensional Data via Transformations

Dr. Hossein Mobahi, MIT

12:00pm Monday 29, February 2016, ITE325b

High-dimensional data is ubiquitous in the modern world, arising in images, movies, biomedical measurements, documents, and many other contexts. The “curse of dimensionality” tells us that learning in such regimes is generally intractable. However, practical problems often exhibit special simplifying structures which, when identified and exploited, can render learning in high dimensions tractable. This is a great prospect however, but how to get there in not trivial. In this talk, I will address two challenges associated with high-dimensional learning and discuss my proposed solution.

First, parsimony (sparsity, low rank, etc.) is one of the most prevalent structures in high-dimensional learning applications. However, its presence is often implicit and it reveals itself only after a transformation of the data. Studying the space of such transformations and the associated algorithms for their inference constitute an important class of problems in high-dimensional learning. I will present some of my work in this direction related to image segmentation. I will show how low-rank structures become abundant in images when certain spatial and geometric transformations are considered. This work resulted in a state of the art algorithm for segmentation of natural images.

Second, important scenarios such as deep learning involve high-dimensional nonconvex optimization. Such optimization is generally intractable. However, I show how some properties in the optimization landscape, such as smoothness and stability, can be exploited to transform the objective function to simpler subproblems and allow obtaining reasonable solutions efficiently. The theory is derived by combining the notion of convex envelopes with differential equations. This results in algorithms involving high-dimensional convolution with the Gaussian kernel, which I show has a closed form in many practical scenarios. I will present applications of this work in image alignment, image matching, and deep learning. Furthermore, I will discuss how this theory justifies heuristics currently used in deep learning and suggests new training algorithms that offer a significant speedup.

Hossein Mobahi is a postdoctoral researcher in the Computer Science and Artificial Intelligence Lab at the Massachusetts Institute of Technology. His research interests include machine learning, computer vision, optimization, and especially the intersection of the three. He obtained his PhD from the University of Illinois at Urbana-Champaign in Dec 2012. He is the recipient of Computational Science & Engineering Fellowship, Cognitive Science & AI Award, and Mavis Memorial Scholarship. His recent work on machine learning and optimization have been covered by the MIT news.

The UMBC Cyber Defense Lab presents

Mini-MAC: Raising the Bar for Vehicular Security with a
Lightweight Message Authentication Protocol

Jackson Schmandt, CSEE, UMBC
11:15am-12:30pm Friday, 26 February 2016, ITE 237

We propose Mini-MAC, a new message authentication protocol that works in existing automotive computer networks without delaying any message or increasing network traffic. Deployed in many vehicles, the CAN bus is a low-speed network connecting electronic control units, including those that control critical functionality such as braking and acceleration. The CAN bus is extremely vulnerable to malicious actors with bus access, including wireless access. Traditionally, Message Authentication Codes (MACs) help authenticate the sender of a message, and variants prevent message replay attacks; however, standard MACs are unsuitable for use on the CAN bus because of small payload sizes. Restrictions of the CAN bus, including the need not to delay messages or increase bus traffic, severely limit how well this network can be protected.

Mini-MAC is based on a counter-seeded keyed-Hash MAC (HMAC), augmented with message history and truncated to fit available message space. It does not increase bus traffic and incurs a very small performance penalty relative to the provably secure HMAC. It is the first proposal to combine these two tenets for vehicle networks. The message history feature protects against all transient attackers, even if they know the keys. Though the CAN bus cannot be properly secured against a dedicated attacker, Mini-MAC meaningfully raises the bar of vehicular security, enhancing the safety of drivers and others.

Jackson Schmandt is a MS student in Computer Engineering in the Mobile Pervasive Sensor System Lab. Joint work with Alan Sherman and Nilanjan Banerjee.

Host: Alan T. Sherman,

The Secret Life of Mobile Applications

Dr. Julia Rubin, MIT

12:00pm Friday, 8 April 2016, ITE 325b, UMBC

As software becomes increasingly more complex and yet more pervasive, poor understanding of software behavior compromises the quality and the integrity of software systems that we use. In this talk, I will show that automated analysis techniques can help to identify and reason about software behavior characteristics that matter to humans. After a brief overview of my current research directions, I will focus on techniques for identifying privacy violations in mobile applications, i.e., leakages of sensitive information such as user location and shopping preferences. I will present a set of solutions that rely on contextual, functional and usage-based clues for improving the accuracy of leakage detection and for distinguishing between “legitimate” and “illegitimate” information distribution patterns.

Julia Rubin is a Postdoctoral Researcher in the EECS department at MIT. Prior to that, she was a Research Staff Member and, part of the time, a manager at IBM Research in Haifa, Israel. She received her PhD in Computer Science from the University of Toronto, Canada in 2014. Julia’s research interests are in software engineering, program analysis and software security, focusing on improving the quality and the integrity of modern software systems. Her recent work in this area won an ACM Distinguished Paper Award at ASE, two Best Paper Awards, at SPLC and CSMR, and was nominated for Facebook’s Internet Defense Prize at the USENIX Security Symposium.

Establishment of Trust and Integrity in Modern Supply Chains

Ujjwal Guin, University of Connecticut

11:30 Thursday, 25 February 2016, ITE325b

With the advent of globalization and resulting horizontal integration, modern supply chain becomes extremely complex and requires immediate solutions for eliminating counterfeit integrated circuits (ICs), which pose a serious threat to the safety and security of our day-to-day lives. The reliability of such ICs could be questionable as they may have many defects and might not go through as much of a rigorous test process as their authentic counterparts. An adversary can also create a backdoor to bypass the security modules in these ICs. In this research, I have systematically addressed the aforementioned issues by risk analysis and assessment of test methods, and by proposing different Design-for-Anti-Counterfeit (DfAC) measures. As a part of risk analysis, I have developed taxonomies for counterfeit IC types, counterfeit defects, and test methods. Based on these taxonomies, I have introduced novel test metrics and developed a comprehensive framework for assessing a set of test methods to maximize test coverage. In the DfAC domain, I have proposed a suite of solutions to detect counterfeit ICs without performing conventional tests. A set of lightweight negative-bias temperature instability (NBTI)-aware ring oscillators have been developed for combating die and IC recycling. In addition, I have developed a comprehensive solution for preventing intellectual property piracy and IC overproduction by assuring forward trust between all entities involved in the system-on-chip design and fabrication process.

Ujjwal Guin is a PhD candidate at the Electrical and Computer Engineering department of University of Connecticut, where he has been working with Dr. Mark M. Tehranipoor. His current research interests include Hardware Security and Trust, Supply Chain Security, Cybersecurity, and VLSI Design and Test. He has developed several on-chip structures and techniques to improve the security, trustworthiness, and reliability of integrated circuits. He has co-authored a book entitled “Counterfeit Integrated Circuits – Detection and Avoidance”. He has published several journal articles and refereed conference papers. He received Best Student Paper Award from the IEEE North Atlantic Test Workshop (NATW’2013). He is an active participant in the SAE International’s G-19A Test Laboratory Standards Development Committee. Mr. Guin received his B.E. degree from the Department of Electronics and Telecommunication Engineering of Bengal Engineering and Science University, Howrah, India in 2004 and the M.Sc. degree from the Department of Electrical and Computer Engineering of Temple University, Philadelphia, PA, USA in 2010.

Host: Chintan Patel

Why applications are still draining our batteries, and how we can help

Aaron Schulman, Stanford University

12:00pm Tuesday, 01 March 2016, ITE325b

Application developers lack tools to profile and compare the energy consumption of different software designs. This energy-optimization task is challenging because of unpredictable interactions between the application and increasingly complex power management logic. Yet, having accurate power information would allow application developers to both avoid inefficient designs and discover opportunities for new optimizations.

In this talk, I will show that it is possible to accurately measure system-level power and attribute it to application activities. I will present BattOr, a portable, easy-to-use power monitor that provides developers with a profile of the energy consumption of their designs—without modifications to hardware or software. I will show how Google developers are using BattOr to improve Chrome’s energy efficiency. I will also show how fine-grained understanding of cellular power at different signal strengths enables novel energy optimizations. Finally, I will describe my future plans to attribute system-level power to individual hardware components and to investigate opportunities presented by instrumenting every server in a data center with fine-grained power monitoring.

Aaron Schulman is a Postdoctoral Scholar at Stanford working with Sachin Katti; he earned his Ph.D. in Computer Science from the University of Maryland, where he was advised by Neil Spring. His research interests are in low-power embedded systems, wireless communication, and network measurement. Aaron’s research on the BattOr power monitor has been funded by Google, is being commercialized by his startup Mellow Research, and is becoming Google’s de facto standard tool for measuring the energy consumption of the Chrome web browser. For his dissertation, Aaron provided the first observations of fundamental factors that limit the reliability of the Internet’s critical last-mile infrastructure. His dissertation was selected to receive the the 2013 ACM SIGCOMM Doctoral Dissertation Award.

Leveraging Human Insights into
Problem Structure for Scientific Discovery

Ronan Le Bras, Cornell University

12:00pm 1:00pm Tuesday, 23 February 2016, ITE325b, UMBC

Most problems, from theoretical problems in combinatorics to real-world applications, comprise hidden structural properties not directly captured by the problem definition. A key to the recent progress in automated reasoning and combinatorial optimization has been to automatically uncover and exploit this hidden problem structure, resulting in a dramatic increase in the scale and complexity of the problems within our reach. The most complex tasks, however, still require human abilities and ingenuity. In this talk, I will show how we can leverage human insights to effectively complement and dramatically boost state-of-the-art optimization techniques. I will demonstrate the effectiveness of the approach with a series of scientific discoveries, from experimental designs to materials discovery.

Ronan Le Bras is a Ph.D. candidate in computer science at Cornell University. He received his M.S. and B.S. from Ecole Polytechnique Montreal in computer engineering and in software engineering. His research interests include computational methods for large-scale combinatorial optimization, reasoning, learning and human computation. His work is motivated by a range of applications, especially in the emerging field of computational sustainability. It has led to a series of scientific discoveries in areas such as graph theory, combinatorics, and discrepancy theory as well as materials science, experimental design and conservation biology. His work appears in the proceedings of AAAI, IJCAI, HCOMP, SAT, CP and VLDB.

Host:  Tim Finin,

From Forensics to Security: Securing Complex
Systems through Data-driven Investigation

Dr. Robert Walls
Pennsylvania State University

1:00pm Friday, 19 February 2016, ITE 325b, UMBC

The cornerstone of modern security is understanding when and how systems are abused and exploited. Gathering such knowledge is essential as decades of experience demonstrate the infeasibility of building perfectly secure systems. Yet, the systems with the greatest need of securing—such as those underpinning critical Internet services—are often the most difficult to study.

In this talk, I will focus on my research efforts in digital forensics and security to study the abuse of complex and inter-connected systems. My work has focused on multiple aspects of this endeavor, including the analysis of partially structured data, the use of semantic relationships and investigator feedback to identify relevant information, and the transition of research results into practical tools and techniques.

Robert Walls is a Postdoctoral Scholar in the Department of Computer Science and Electrical Engineering at The Pennsylvania State University. His research interests include systems security and digital forensics. He is currently studying the abuse of Internet infrastructure, including advertising networks and the Domain Name System (DNS). Previously, he worked with law enforcement to develop novel forensic techniques for investigating crimes. He received his Ph.D. in Computer Science from the University of Massachusetts Amherst in 2014. He is also a recipient of the Yahoo! Key Scientific Challenges Award.

Host: Tim Finin,

Big Data/Data Science Programs at NSF

Chaitan Baru
Senior Advisor for Data Science, NSF CISE Directorate
10-11:00am Friday 12 February 2016, ITE 459, UMBC

This talk will provide an overview of current programs and activities related to Big Data and Data Science at NSF, and also highlight NSF’s inter-agency engagements in this topic area. The talk will also discuss future directions for Data Science research, education, and infrastructure. Considering that Data Science is a rapidly emerging, evolving field and discipline, ample time will be provided for Q&A and discussions about where the field ought to be going, given what we know today.

Dr. Chaitan Baru is currently a senior advisor for data science in the Computer and Information Science and Engineering Directorate at the National Science Foundation. He is a Distinguished Scientist and Associate Director of Data Initiatives at the San Diego Supercomputer Center (SDSC), UC San Diego where he works on applied and applications-oriented research problems related to data management and data analytics.

Dr. Baru has participated in a number of “data cyberinfrastructure” initiatives, including as Principal Investigator of the OpenTopography project; Cyberinfrastructure Lead, Tropical Ecology, Assessment and Monitoring network; Co-Investigator of the Cyberinfrastructure for Comparative Effectiveness Research project; Member of the founding Senior Management Team of the National Ecologial Observatory Network and Co-PI of the NEON Cyberinfrastructure Testbed; Co-PI of the CUAHSI Hydrologic Information Systems; Director, NEES Cyberinfrastructure Center; PI/Project Director, Geosciences Network; and member of the How Much Information? project.

Baru leads the Advanced Cyberinfrastructure Development Group at SDSC and is also Director of the Center for Large-scale Data Systems research. Prior to joining SDSC in 1996, Baru was at IBM, where he led one of the development teams for DB2 Parallel Edition Version 1 and at the University of Michigan, where he served on the faculty of the EECS Department. He received his B.Tech in Electronics Engineering from the Indian Institute of Technology, Madras, and M.E. and Ph.D. in Electrical Engineering from the University of Florida, Gainesville.