Security Enhancing Compilation for Use in Real Environments (SECURE)

Lead Participant: Embecosm Limited

Abstract

Security is an important and fast growing area of computer technology. Recent exploits such as the Mirai botnet have highlighted how the Internet of Things (IoT) is becoming a primary vector for massive attacks. Security must be improved, yet IoT devices are commonly small, and have the least compute resources to devote to security. Almost all code for any device, has to go through a compiler to translate the program to the low level binary running on the processor. The compiler is thus ideally placed to look at code, determine insecure coding patterns and provide automated support for writing secure code. Applying security at compile time, minimizes the load on resource constrained IoT devices This project will take the latest academic research into security and attempt to integrate these within the two most widely used compilers, GCC and LLVM. Professional security engineers in general, but particularly for IoT, will then have a tool to warn them when they are writing insecure code and help them write it more securely.

Lead Participant

Project Cost

Grant Offer

Embecosm Limited, Lymington £99,420 £ 69,594

Publications

10 25 50