January 2nd, 2013 at 22:02 UTC by Robert N. M. Watson
Over the past two years, Peter G. Neumann and I, along with a host of collaborators at SRI International and the University of Cambridge Computer Laboratory, have been pursuing CTSRD, a joint computer-security research project exploring fundamental revisions to CPU design, operating systems, and application program structure. Recently we’ve been talking about the social, economic, and technical context for that work in a series of media interviews, including one with ACM Queue on research into the hardware-software interface posted previously.
A key aspect to our argument is that the computer industry has been pursuing a strategy of hill climbing with respect to security; if we were willing to take a step back and revisit some of our more fundamental design choices, learning from longer-term security research over the last forty years, then we might be able to break aspects of the asymmetry driving the current arms race between attackers and defenders. This clean-slate argument doesn’t mean we need to throw everything away, but does suggest that more radical change is required than is being widely considered, as we explore in two further interviews:
- A New York Times Profiles in Science article about Peter’s work in computer security, with a particular focus on arguments for clean-slate design, but also DARPA’s CRASH programme in clean-slate computing for security.
- My IEEE Spectrum Techwise Conversations podcast interview exploring the argument for clean-slate design and the nature of current attacker-defender asymmetry.