Small

Embedded systems play a large role in our daily lives. They are found in everything from computers and consumer electronics to appliances and automobiles, and represent a market estimated to be worth almost $160 billion. Many of them, however, use inexpensive microcontrollers that cannot easily be analyzed, so it is unclear how well they operate in practice. This work seeks improve the safety and security of these systems by developing techniques to analyze their firmware, particularly with regards to the popular Universal Serial Bus (USB) and Bluetooth protocols.

Many private interactions between individuals and their friends, families, employers, and institutions are now carried out on the Internet; disclosure of the contents of these interactions or even the mere associations between these parties can expose people to real financial or physical risks. As a result, encryption and services such as virtual private networks or the Tor project that conceal the connection between a user and the websites they visit are growing in popularity.

Modern cybersecurity attacks are often carried out through automated "bots" or agents that systematically attack networks, at scale and in a matter of minutes. This has left organizations scrambling to respond with defenses that must first be validated or enacted by humans, and so take time to mount. Institutions can no longer afford to combat these powerful and rapid digital attacks with our slower and sometimes error-prone analog (human-based) responses.

Linux containers have become a popular light-weight virtualization platform for effective on-demand computing. Their use ranges from simple high-performance computing (HPC) clusters to fully orchestrated enterprise systems. As such they have become attractive targets for attackers. This project aims at improving the trustworthiness and reliability of the Linux containers and their applications.

System software such as operating system kernels, libraries, and application frameworks provide the foundation for all of the functionality of computing devices, from personal computers and servers to mobile and embedded devices. Security vulnerabilities in system software are particularly serious because they can undermine any of the software running on a device. The most common vulnerabilities in system software are semantic errors such as missing security checks.