Lessons Learned from Building and Attacking Secure Computing Systems


Ahmad-Reza Sadeghi
Darmstadt University


Srini Devadas
The ever-increasing complexity of computing systems, emerging technologies such as IoT and AI, and
advancing attack capabilities pose a variety of (new) challenges on the design and implementation of
security concepts, methods and mechanisms for computing systems.
This talk provides an overview of our journey through the system security research universe. We point
out (painful) lessons learned in advancing state-of-the-art software security and hardware-assisted
security both in academic research and industry collaborations. We also briefly present our insights
gained throughout one of the world’s largest hardware security competitions that we have been
conducting with industry partners since 2018. Finally, we discuss our future vision and new research
directions in systems security, in particular in the light of the serious threat of software-exploitable
hardware vulnerabilities that put all critical systems at risk.