Bhagi Narahari
Research Projects and Selected Publications
- Research Interests: Embedded Systems, Software security, Optimizing Compilers, Pervasive Computing, Computer Architecture, Networks and Distributed Computing, Electronic Commerce
- Brief CV (pdf)
Research Projects
Hardware/Software Approaches to Software Security
The new-found ubiquity of embedded processors in consumer and industrial applications brings with it an intensified focus on security, as a strong level of trust in the system software is crucial to their widespread deployment. The growing area of software protection attempts to address the key steps used by hackers in attacking a software system. In this research, we explore an integrated hardware-software approach to software security.
The focus of our research is exploring the role of hardware in creating more secure systems (with special focus on embedded systems) and specifically the question of how hardware can assist us in providing secure platforms. Several problems and projects are being considered in this research.
- Physical Attacks: One of the problems we consider is attacks on secure applications, such as military applications, where software execution takes place in an entirely encrypted form. While it is thought that encrypted execution effectively deters any kind of attack, we in fact show that several types of attacks are still possible. Our research explores integrated hardware-software co-design approaches that aim to combine novel techniques in the areas of compilers, architecture and software security in order to provide a high level of both security and adaptability. By utilizing a secure hardware coprocessor in the form of reconfigurable logic (such as a Field-Programmable Gate Array - FPGA), we aim to provide solutions that do not require re-design of the processor instruction set and can be implemented using COTS technology. The secure hardware component accelerates execution of programs in a secure environment, while the reprogrammable nature of FPGAs provides us with the flexibility to carry out application-specific compiler-driven protections and therefore the ability to adapt the security mechanism to the needs of the application. This research is supported by grants from the National Science Foundation (NSF-ITR program) and the Air Force Office of Scientific Research (AFOSR). The project provides an architecture and compiler simulation environment using the SimpleScalar suite, and provides a prototype implementation using the Xilinx Virtex II Pro family.
- Defense against Trojan Circuits: We address the problem of building a trusted execution environment using untrusted components. In the most general version of this problem, chips that are manufactured in untrusted foundries may include added circuitry to not only compromise operation or leak keys, but to also enable software-triggered attacks and to facilitate reverse engineering. The current approach of using a custom-designed hardware platform is unattractive both because of the sheer cost of maintaining a foundry as well as the inability to exploit COTS components based on the latest technologies. Furthermore, encrypted execution platforms, where instructions and data are in encrypted form in the memory and decrypted in the processor, do not provide a trusted secure platform under this Trojan circuit attack model. We are thus led to consider the problem of devising an architecture that: (1) uses untrusted components (chips) from untrusted foundries; (2) has the ability to execute applications in secure mode, and (3) creates barriers for the most sophisticated kind of reverse engineering. Our approach to this problem can be summarized as follows. We utilize a dual encryption protocol, a two-processor architecture, and leverage a trusted tool-chain under the supervision of architects and developers of the targeted secure applications. One of these processors is configured as a gateway, while the other is configured to emulate a variety of instruction sets. Furthermore, the instruction sets are dynamically modifiable, as directed by a smart compiler that generates secure applications with the ability to switch instruction sets at run-time. Our goal is to detect the moment that the Trojan circuit "makes its move" and then to raise an alarm to the user. We assume that the system itself is built in a secure trusted location and that no collusion exists between foundries and system developers.
- Hardware containers for Software Components: One of the motivations of this project relates to the manner in which software is constructed: large software packages are built from components put together from a variety of sources. For example, the popular Firefox browser is not only constructed from dozens of components worldwide, but its design expressly allows for plugins to be installed by the user. Any malicious component can cause serious damage when incorporated into the larger package. Thus, a developer who must use potentially untrusted components, or must allow user plugins, can use our approach to contain those components and entirely remove their ability to improperly access memory or take over the CPU. We propose a hardware-software platform that places each software component in a conceptual hardware container (when the component is at a function level), i.e., a hardware wrapper for an entire application, that checks every memory access and tracks CPU cycles consumed by the component. The architectural and compiler techniques we propose are directed at any attack that makes an unauthorized memory access or hijacks the CPU. These basic attacks are often the critical first step in carrying out higher-level attacks. We propose the design of primitives at the hardware/software interface to detect attacks, through access violations, and to support automated software recovery after an attack. We are designing a method to isolate software modules into atomic units with strictly enforced checks on memory operations. The architectural and software design techniques are directed to thwart attacks that result in unauthorized access to memory and to maximize the accountability of the modules where the attack originated. We design a hardware unit to act as a reference monitor and check each memory access for compliance with a strict set of rules. Our research focuses on how the hardware checker is built and how to derive the rules for typical software protection policies. A system simulation is planned using Simics with GEMS for functional and micro-architectural simulations.
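A software model of the per-component container check described above, added here as an illustration and not the project's own design. The rule format (address regions with permissions), the cycle budget, and all names (`container_t`, `check_access`, `charge_cycles`) are assumptions, and the plugin rule set is constructed sample data.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

enum { PERM_R = 1, PERM_W = 2, PERM_X = 4 };
typedef enum { ACCESS_OK, VIOL_MEMORY, VIOL_CYCLES } verdict_t;
typedef struct { uint32_t base, len; unsigned perms; } region_t;
typedef struct {
    int id;                      /* which component this container wraps */
    const region_t *regions;     /* rule set: regions the component may touch */
    size_t nregions;
    uint64_t cycle_budget, cycles_used;
    unsigned violations;         /* per-component accountability counter */
} container_t;

static int last_offender = -1;   /* id of the component behind the latest violation */

static verdict_t flag(container_t *c, verdict_t v) {
    c->violations++;             /* record who misbehaved before reporting */
    last_offender = c->id;
    return v;
}

/* Reference-monitor check applied to every load, store or fetch. */
verdict_t check_access(container_t *c, uint32_t addr, uint32_t size, unsigned perm) {
    for (size_t i = 0; i < c->nregions; i++) {
        const region_t *r = &c->regions[i];
        /* Written without addr + size so a wrapping address cannot pass. */
        if ((r->perms & perm) == perm && addr >= r->base &&
            size <= r->len && addr - r->base <= r->len - size)
            return ACCESS_OK;
    }
    return flag(c, VIOL_MEMORY);
}

/* Charge executed cycles; a component that overruns its budget is flagged. */
verdict_t charge_cycles(container_t *c, uint64_t n) {
    c->cycles_used += n;
    return c->cycles_used > c->cycle_budget ? flag(c, VIOL_CYCLES) : ACCESS_OK;
}

/* Constructed sample: a plugin with read/execute code and a read/write heap. */
static const region_t plugin_rules[] = {
    { 0x1000, 0x0400, PERM_R | PERM_X },
    { 0x8000, 0x1000, PERM_R | PERM_W },
};
static container_t plugin = { 7, plugin_rules, 2, 1000, 0, 0 };

int main(void) {
    printf("heap write: %d\n", check_access(&plugin, 0x8010, 4, PERM_W));
    printf("code write: %d\n", check_access(&plugin, 0x1000, 4, PERM_W));
    printf("offender:   %d\n", last_offender);
    return 0;
}
```

The bounds test rejects accesses that straddle the end of a region as well as addresses near the top of the address space, two cases a naive `addr + size <= base + len` comparison gets wrong.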
Relevant Recent Publications
- "Providing secure execution environments with a last line of defense against trojan circuit attacks", Gedare Bloom, B. Narahari, R. Simha, J. Zambreno. To appear in Computers & Security, 2009.
- "A compiler-hardware approach to software protection for embedded systems", Olga Gelbart, Eugen Leontie, Bhagi Narahari, Rahul Simha, (accepted to appear in) International Journal of Computers and Electrical Engineering. Special issue on Real-time and Multimedia security.
- "Compiler directed region-based security for low overhead software protection", Vijay Kongubangaram, Olga Gelbart, Rahul Simha, Bhagi Narahari, 3rd IEEE International Symposium on Dependable, Autonomic and Secure Computing (IEEE-DASC 2007), Sept., 2007.
- "Integrated Hardware-software approaches to software security", B. Narahari and R. Simha, Cyber Defense Conference, Information Assurance Science and Technology Series, Griffis Institute, Rome Air Force Labs, Rome, NY, May 2007.
- "Compiler-FPGA Technique to Detect Memory Spoofing in Encrypted-Execution Platforms", E. Leontie, O. Gelbart, B. Narahari, R. Simha, 6th Annual Security Conference, April 2007.
- "Privacy-preserving programming using Sython", M. Gaiman, R. Simha, B. Narahari, Computers and Security, No. 26, 2007.
- "Secure execution with components from Untrusted Foundries", (with R. Simha, J. Zambreno, A. Choudhary), to appear in Advanced Networking and Communications Hardware Workshop (ANCHOR), held in conjunction with Int. Symposium on Computer Architecture (ISCA 2006), June 2006.
- "High performance software protection using reconfigurable architectures", (with J. Zambreno, D. Honbo, A. Choudhary, R. Simha), Proceedings of the IEEE Journal, Vol.94, No.2, Feb. 2006.
- "SPEE: A secure program execution environment using code integrity checking", (with O. Gelbart, R. Simha), Journal of High Speed Networks, Volume 15, Number 1, 2006 pp. 21-32.
- "SAFEOPS: An approach to embedded software security", ACM Trans. Embedded Systems, Feb. 2005, (with J. Zambreno, A. Choudhary, R. Simha, N. Memon).
- "Performance study of a Compiler/Hardware approach to Embedded Systems security", IEEE-International Conference on Intelligence and Security, 2005, (with K. Mohan, P. Ott, R. Simha, J. Zambreno, A. Choudhary).
- "CODESSEAL: A Compiler/FPGA Approach to Code Security", IEEE International Conference on Intelligence and Security, May 2005, (with O. Gelbart, P. Ott, R. Simha, J. Zambreno, A. Choudhary).
- "SPEE: Secure Program execution environment tool using static and dynamic code verification", 3rd Trusted Internet Workshop, held in conjunction with HIPC 2004, (with Olga Gelbart, R. Simha).
- "An overview of Security-driven Compilation", Workshop on New Horizons on Compiler analysis and optimization, held in conjunction with IEEE-HIPC 2004, Dec. 2004 (with R. Simha, A. Choudhary, J. Zambreno).
- "Flexible software protection using Hardware/Software codesign techniques", Proc. Design, Automation and Test Europe (DATE '04) (with J. Zambreno, A. Choudhary, R. Simha).
Compiler Optimization for ILP Architectures
Recent architectures, such as Intel's IA-64 family, are based on the EPIC (Explicitly Parallel Instruction Computing) architecture. EPIC processors provide a large degree of hardware parallelism, but as opposed to superscalar processors, require that dependence analysis and scheduling be done entirely by the software -- thus making the role of the compiler even more critical. They require that parallelism be extracted by the compiler. Our projects have focused on developing an Optimizing Assembler for EPIC Architectures, and developing a research compiler infrastructure for Intel's IA-64 processor. Funded in part by the National Security Agency, under the LUCITE program.
- SPASM: An Optimizing Assembler for EPIC/VLIW Architectures: Numerous statements have been made concerning the feasibility of programming multi-unit processors at the assembly language level. This research, however, focuses on the development of techniques to support the development of an optimized EPIC assembler. This research explores methods to perform block formation, register allocation, instruction scheduling, and code generation using assembly language source code as input. These topics form the foundation for the development of optimizing assemblers for EPIC processors.
- TRITANIUM: This project developed a backend IA-64 code generation module for the Trimaran Compiler Infrastructure -- called Tritanium. This infrastructure allows researchers to develop front end and backend compiler optimization techniques and test their effectiveness on Intel's Itanium processor. Source code is downloadable at the Tritanium Website.
Relevant Recent Publications:
- "Tritanium: Augmenting the Trimaran Compiler Infrastructure to support IA-64 Code Generation", EPIC-1 Workshop (held in Conjunction with Micro-2001), 2001, Y.L. Chobe, B. Narahari, R. Simha, W. Wong.
- "SPASM: Parallelizing Assembler for EPIC/VLIW Processors", B. Narahari, R. Simha, A. Jayaraj, Y. Williams, Y. Chobe.
- "Fine Grained Register Allocation for EPIC Processors with Predication", Hansoo Kim, Kanchi Gopinath, Vinod Kathail, Bhagirath Narahari, The 1999 International Conference on Parallel and Distributed Processing Techniques and Applications (PDPTA '99), Las Vegas, Nevada, USA. June 28 - July 1, 1999.
Embedded Systems
- Power-aware compiler toolset (funded by NASA and Intelligent Automation Inc.). Goals: Design and build a compiler to optimize power consumption; investigate algorithms for resource allocation. The focus of our research is in the development of compiler optimization techniques for embedded applications. Specifically, the research is investigating compiler techniques to minimize the power consumed by memory devices on an embedded system.
- Rapid Prototyping Infrastructure for Embedded Networks (funded by National Security Agency). The research goal is to examine issues in developing platforms for future embedded networks. In particular, for larger nodes, a Java-based platform will provide the advantages shared by Java development platforms for the desktop. However, such an approach requires careful examination of resource usage and should present the developer with the opportunity to exploit hardware. Furthermore, instead of re-writing a JVM for each new hardware, there is a need for modularly constructing JVMs to allow for software development to keep pace with new hardware. This project examines the development of a configurable JVM for embedded systems.
Relevant Recent Publications:
- "Memory Issues in Power-Aware Design of Embedded Systems: An Overview", CASES 99 (Workshop on Compiler and Architecture Support for Embedded Systems), Washington DC, August 1999 (with R. Levy, B. Crilly and R. Simha).
- "Application Specific Memory Partitioning for Low Power", Proceedings of ACM COLP 2002 (Compiler and Operating Systems for Low Power), September 2002, (with S. Udayakumaran, R. Simha).
- "Assembly Code Level Power Optimization for Partitioned Memory Architectures", ACST 2004, (with R. Levy, R. Simha).
- "Energy-aware Allocation of Dynamic Variables in Partitioned Memory Architectures", Workshop on New Horizons on Compiler analysis and optimization, held in conjunction with IEEE-HIPC 2004, Dec. 2004 (with R. Levy, R. Simha).
Selected Recent Publications in Other Areas
- "Simulated Chemotaxis: A biologically inspired framework for a class of wireless coverage problems", O. Sanli, R. Simha, B. Narahari, Int. Journal of Adhoc and Sensor Wireless Networks, Vol.2, No.4, 2006.
- "Strong minimum energy topology: NP-completeness and Heuristics", X. Cheng, R. Simha, X. Cheng, B. Narahari, D. Liu, IEEE Trans. Mobile Computing, Vol.2, No.3, 2003.
- "Energy Balance in Wireless Sensor Networks Using Connection Segmentation and Range Control", N.K. Singh, B. Narahari and R. Simha, in Proceedings of IEEE WACE 2003.
- "Dynamic Load Balancing Schemes for Computing Accessible Surface Areas of Protein Molecules", E. Suh, B. Narahari, R. Simha, IEEE Int. Conf. High Performance Computing (HIPC 1998), 1998.
- "A real-time parallel scheduler for the imprecise computations model", H. Foaud, B. Narahari and J. Hahn, Journal of Parallel and Distributed Computing Practices, Vol.2, No.1, 2000.
- "Routing and Scheduling I/O Transfers on a Wormhole-Routed Mesh", B. Narahari, R. Simha, S. Shende, S. Subramanya, Journal of Parallel and Distributed Computing, Vol. 57, No. 1, April 1999.