Researchers recently presented articles on memory safety that make computer systems more secure. This new research, which has zero to little effect on system performance, is already being used to create a processor.

Columbia Engineering researchers who are leading experts in computer security recently presented two major papers that make computer systems more secure at the International Symposium on Computer Architecture (ISCA), the premier forum for new ideas and research results in computer architecture. This new research, which has zero to little effect on system performance, is already being used to create a processor for the Air Force Research Lab.

«Memory safety has been a problem for nearly 40 years and numerous solutions have been proposed. We believe that memory safety continues to be a problem because it does not distribute the burden in a fair manner among software engineers and end-users,» said Simha Sethumadhavan, associate professor of computer science, whose research focuses on how computer architecture can be used to improve computer security. «With these two papers, we believe we have found the right balance of burdens.»

Computer security has been a long-standing issue, with many proposed systems workable in research settings but not in real-world situations. Sethumadhavan believes that the way to secure a system is to first start with the hardware and then, in turn, the software. The urgency of his research is underscored by the fact that he has significant grants from both the Office of Naval Research and the U.S. Airforce, and his PhD students have received a Qualcomm Innovation Fellowship to create practical security solutions.

Sethumadhavan’s group noticed that most security issues occur within a computer’s memory, specifically pointers. Pointers are used for managing memory and can lead to memory corruption that can open up the system to hackers who hijack the program. Current techniques to mitigate memory attacks use up a lot of energy and can break software. These methods also greatly affect a system’s performance — cellphone batteries drain quickly, apps run slowly, and computers crash.

The team set out to address these issues and created a security solution that protects memory without affecting a system’s performance. They call their novel memory security solution, ZeRO: Zero-Overhead Resilient Operation Under Pointer Integrity Attacks.

Story Source: Materials provided by Columbia University School of Engineering and Applied Science. Original written by Holly Evarts. Note: Content may be edited for style and length.