Saarland's Jan Reineke wins 2.5 million euros to help solve fundamental problems in the interaction of hardware, software

Many safety-critical areas of our lives are being controlled by computer systems: from airbag controls in cars and landing gear on airplanes to essential infrastructure such as energy supply and telecommunications. But are these systems reliable? Computer science professor Jan Reineke of Saarland University thinks not - because a crucial component of today's computer systems renders the development of safe and secure IT applications impossible at a fundamental level.

To change this and to improve the interaction between hardware and software, the computer scientist is now being funded through an ERC Advanced Grant with around 2.5 million euros over five years.

Jan Reineke's current project addresses the interaction between hardware and software. For software to be executed, it must first be translated from the higher-level programming language in which it was written by a programmer into a language that the hardware understands. It is this machine language, the so-called instruction set architecture, that Jan Reineke is focusing on in his research.

[Photo caption: Jan Reineke, Computer Science Professor at Saarland University. Credit: Oliver Dietze]

The instruction set architecture is the interface between hardware and software. It can be thought of as a contract that regulates the interaction of the two components; accordingly, it is also referred to as a hardware-software contract. "These 'contracts' provide guarantees about how the machine code is to be executed by the underlying hardware, the microarchitecture. But they also specify what the machine code must look like for the hardware to be able to understand it," the computer scientist adds. According to Reineke, current instruction set architectures have blind spots in two crucial areas: "First, they provide no guarantees whatsoever about how long software takes to execute. Second, they lack basic security guarantees against malicious attacks," says Reineke.

The resulting problems have far-reaching implications. The lack of timing guarantees is the reason why time-critical systems such as an airbag control system depend on complex but fundamentally inadequate computing models. The lack of security guarantees on the hardware side led, among other things, to the well-known security vulnerabilities 'Spectre' and 'Meltdown' at the beginning of 2018, which to this day affect almost all modern processors.

"The goal now is to rethink from the ground up how this interface between software and hardware should be defined so that it is both efficient and secure," says computer scientist Reineke. In doing so, many other aspects have to be considered: on the one hand, the instruction set architecture must leave enough creative freedom for hardware developers; on the other hand, it should make the development of safe and secure software as simple as possible.

The project, entitled "Abstractions for Safe and Secure Hardware-Software Systems", is funded by an "Advanced Grant" from the European Research Council (ERC) with around 2.5 million euros over five years. ERC Advanced Grants are among the most prestigious research awards worldwide. A total of 2678 projects were submitted for the current funding period, of which 209 were approved (about 8%).

The research project described here is the sixth ERC Advanced Grant, and the 24th grant overall from the European Research Council, to be awarded to a project at the Saarland Informatics Campus. There, Jan Reineke is based in the Faculty of Mathematics and Computer Science at Saarland University.