DoC researchers part of UKRI team receive £1.3M grant on digital security

by

The UK Research and Innovation (UKRI) initiative have announced funding for nine grant winners as part of their Digital Security by Design programme.

The UK Research and Innovation (UKRI) initiative, which aims to help the tech infrastructure of UK organisations and digital devices to become more resilient to cyber-attacks, have announced funding for nine grant winners as part of their Digital Security by Design programme. The Digital Security by Design programme aims to radically update the foundation of the UK’s insecure digital computing infrastructure, by increasing cyber security for businesses, government and the wider public and economy. 

Among the winners are two research projects lead by Imperial College’s Department of Computing: “CloudCAP: Capability-based Isolation for Cloud Native Applications” led by Professors Peter Pietzuch and Sophia Drossopoulou, in collaboration with Microsoft Research; and “AppControl:  Enforcing Application Behaviour through Type-Based Constraints” led by Professor Nobuko Yoshida, in collaboration with the Universities of Glasgow  and Essex.  

The CloudCAP project will explore new hardware features to make cloud computing applications more secure. This will increase the trustworthiness of complex systems built out of heterogeneous components, and it will enable complex data-centric trust and security policies. For example, the project can support scenarios in which healthcare data is used to train a machine learning model without information leakage across the data and the model, and without trust in the cloud provider.  

The research will develop new isolation principles across the complete software stack, including the programming language, runtime system and operating system, and hardware. Here, it will exploit the region abstraction offered by the Verona programming language, and the fine-grained protection boundaries between memory objects supported by Arm’s Morello hardware. 

Professor Pietzuch, Professor of Distributed Systems, said:

“This funding launches an exciting collaboration with industry, and it could help us tighten security in cloud computing so it can be used to its full potential.” 

Professor Sophia Drossopoulou, Professor of Programming Languages, said:

“This research work is an opportunity to leverage hardware capabilities and make them practical at the abstract level supported by high-level programming languages.” 

CloudCAP will support two post-doctoral researchers over three years. 

The AppControl project will leverage capability-based processors, developed earlier in the programme, to make sure vital systems in cars, medical robots or nuclear power plants remain digitally secure. AppControl will explore dependent multiparty session type systems in Rust, with a compiler, run-time support and operating system support, running on the Arm Morello prototype hardware. Multiparty session types, which received the most influential POPL award in 2018, play a central role to ensure type safety, progress and deadlock-freedom of message passing programs in both static and runtime.  

Professor Nobuko Yoshida, Professor of Computing, said: 

“AppControl develops enforceable specifications for capability hardware based on session types, and demonstrates their effectiveness. This is an exciting collaborative project to apply session types to state-of-the-art processors.” 

AppControl will support the three new researchers over 42 months.  

Reporter

Mr Ahmed Idle

Mr Ahmed Idle
Department of Computing