Security Intern

Helsinki System Security Lab (HSSL) Internship (1H/2024 or summer 2024)

Optimized use of Pointer Authentication with HW Shadow stack

A sizable proportion of security vulnerabilities afflicting computer programs stem from memory corruption vulnerabilities such as buffer overflow and object boundary violations that can be exhibited through “unsafe” programming languages such as C and C++. Recent years have seen various technologies attempting to remediate these issues in existing program through instrumentation and run-time checks, with varying success and cost.

Hardware assisted shadow stack technology is also coming to ARM devices in the next few years (ARM Guarded Call stack) [https://community.arm.com/arm-community-blogs/b/architectures-and-processors-blog/posts/arm-a-profile-architecture-2022>. As shadow stack technology is a performant way of protecting the return edge of a function call, this technology can fully compensate for some of the pointer authentication protections that otherwise would be needed to protect the same. The aim of this work is to study the co-existence of ARM GCS, PAC and possibly BTI, and construct a compiler-assisted memory-safety solution that uses these technologies in concert for best performance and security benefit.

As part of the internship, the intern will take part in proposing a new design and developing a prototype demonstrating the feasibility and potential limitations of hardware-assisted memory safety leveraging many parallel technologies in hardware. This work is suitable as a Master’s thesis work in the field of platform security and computer science, since we believe the work will combine some measure of novelty with development, prototyping and testing.

We are looking for:

• Students who have completed most of their M.Sc. courses, in the field of CS/E.Eng
• System / embedded coding experience in C
• An understanding of low-level (system / OS) architecture
• Prior engagement with compiler modification or compiler theory considered a plus.
• Sufficient skills to work and interact in English
• Good team-working skills

Students with interest to do research and explore new challenges.

The following we count as advantage:

• Background (courses) in platform security, cryptography or equivalent
• An interest to do research and explore new challenges.

About us

The Helsinki Systems Security Laboratory in Huawei Finland (HSSL) drives renewal and mastery in the field of platform / device related security technologies for the mobile device. Our topical expertise lies in hardware-assisted isolation and system protection (hypervisor, TEE, kernel hardening) as well as functions like device key management, attestation and integrity. Are you ready for the challenge?