- Submissions Due: 13 October 2022
- Publication: May/June 2023
Recently, we have seen a variety of hardware features released that are designed to improve software security. In the 30 years since the Morris worm, we have found that software-only solutions to prevent memory errors from being exploited are either too expensive to be deployed broadly or are too prone to being circumvented. This situation motivates the use of hardware to implement key defensive features more reliably and efficiently. For example, several hardware features have been introduced that provide fine-grained control of access to memory. In addition, other hardware features provide protected environments to reduce dependence on complex systems software that may be prone to memory errors, limiting the trusted computing base of systems.
The introduction of these hardware features is a potential boon for improving software security, but several challenges remain. One challenge is to develop software that utilizes such features effectively to achieve desired security goals with low overhead. Only then will we be able to see the wide adoption of such hardware necessary to reduce the exploitation of memory errors broadly. However, another challenge is that these hardware features may have blind spots that create new exploitable attack surfaces that may require yet additional defenses. We must ensure that proposed solutions do not also present new vulnerabilities that adversaries can exploit to circumvent security enforcement.
This special issue aims at collecting the most relevant ongoing research efforts in the security and privacy field concerning the development, use, and evaluation of new hardware features to improve software security. Topics include, but are not limited to:
- Experiences with hardware-enabled security and privacy
- Software support for hardware features for security and privacy
- Security evaluation of hardware features
- Comparison of security capabilities of related hardware features
- Lessons in achieving security goals using hardware features
- Changes to hardware features to improve security and privacy
- Market forces and potential for adoption
For author information and guidelines on submission criteria, please visit the S&P’s Author Information page. Please submit papers through the ScholarOne system, and be sure to select the special issue name. Manuscripts should not be published or currently submitted for publication elsewhere. Please submit only full papers intended for review, not abstracts, to the ScholarOne portal.
Please contact the guest editors at firstname.lastname@example.org.
- Trent Jaeger, Penn State University
- Brent ByungHoon Kang, KAIST University
- Nele Mentens, Leiden University and KU Leuven
- Cynthia Sturton, University of North Carolina