Research Associate in Formal Modelling and Verification

A research associate position is available within an exciting project aiming to conduct research into the safety and security of advanced hardware architectures. The project is called “Safe and secure COncurrent programming for adVancEd aRchiTectures (COVERT)” and is funded by the EPSRC. The project benefits from working with a number of academic, industrial and governmental partners: ARM, Galois, Defence Science and Technology (DST) and the Universities of Amsterdam, Augsburg, Melbourne and Oldenburg.

The post will be based in Sheffield working at Sheffield’s School of Computer Science within the Faculty of Engineering. The post-holder will join researchers at Kent and Surrey working on the “Safe and secure COncurrent programming for adVancEd aRchiTectures (COVERT)” project, led at Sheffield by Prof. John Derrick and Dr. Andrei Popescu and sponsored by the Engineering and Physical Sciences Research Council (EPSRC). The project aims to conduct research into the safety and security of advanced hardware architectures.

The continuing evolution of computing hardware has led to enormously complex architectures with execution models that integrate advanced memory technologies and hardware models. This evolution affects all devices, ranging from large-scale data centres to mobile phones. However, these advanced architectures break assumptions that programmers have relied on, causing new safety bugs and security vulnerabilities. We target multi-processor systems and concurrent architectures. Concurrent behaviour is notoriously difficult – incorrect synchronisation can lead to many dangerous safety and security vulnerabilities (see the Common Weaknesses database), ranging from “out-of-bounds writes” and “use-after-free” errors to “improper synchronisation and race conditions”. Further, architecture-based attacks (e.g., Spectre) show the urgency of addressing these important problems today. Even when low-level programs are well synchronised, the design of the underlying concurrent algorithms can themselves be vulnerable. In particular, well understood safety conditions such as linearizability do not guarantee security, and current approaches to addressing this issue lead to overly synchronised implementations (degrading performance). This introduces a tension between the goals of the hardware designers (who aim to maximise performance), and end users (who require trustworthy software). In the middle are developers, who are tasked with producing software that balances this tension. COVERT will provide mechanisms for provably correct reusable abstractions that maximise flexibility in program design, allowing fine tuning of both safety and security guarantees based on the architecture.

Advert information