BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//Penn Engineering Events - ECPv6.16.3//NONSGML v1.0//EN
CALSCALE:GREGORIAN
METHOD:PUBLISH
X-WR-CALNAME:Penn Engineering Events
X-ORIGINAL-URL:https://seasevents.nmsdev7.com
X-WR-CALDESC:Events for Penn Engineering Events
REFRESH-INTERVAL;VALUE=DURATION:PT1H
X-Robots-Tag:noindex
X-PUBLISHED-TTL:PT1H
BEGIN:VTIMEZONE
TZID:America/New_York
BEGIN:DAYLIGHT
TZOFFSETFROM:-0500
TZOFFSETTO:-0400
TZNAME:EDT
DTSTART:20240310T070000
END:DAYLIGHT
BEGIN:STANDARD
TZOFFSETFROM:-0400
TZOFFSETTO:-0500
TZNAME:EST
DTSTART:20241103T060000
END:STANDARD
BEGIN:DAYLIGHT
TZOFFSETFROM:-0500
TZOFFSETTO:-0400
TZNAME:EDT
DTSTART:20250309T070000
END:DAYLIGHT
BEGIN:STANDARD
TZOFFSETFROM:-0400
TZOFFSETTO:-0500
TZNAME:EST
DTSTART:20251102T060000
END:STANDARD
BEGIN:DAYLIGHT
TZOFFSETFROM:-0500
TZOFFSETTO:-0400
TZNAME:EDT
DTSTART:20260308T070000
END:DAYLIGHT
BEGIN:STANDARD
TZOFFSETFROM:-0400
TZOFFSETTO:-0500
TZNAME:EST
DTSTART:20261101T060000
END:STANDARD
END:VTIMEZONE
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20250227T153000
DTEND;TZID=America/New_York:20250227T163000
DTSTAMP:20260602T144852
CREATED:20250217T180146Z
LAST-MODIFIED:20250217T180146Z
UID:13350-1740670200-1740673800@seasevents.nmsdev7.com
SUMMARY:CIS Seminar: "Realizing the Promise of Language-level Security in Real Systems"
DESCRIPTION:Promises are cheap. Software vendors routinely describe their offerings as “secure”\, but few are based on designs that can guarantee even the most basic security properties. To address this problem\, services like Cloudflare\, Android\, and Firefox are increasingly relying on languages like Rust and WebAssembly to provide safety by design. But these promises too can fall short: any vulnerability in the execution stack—compiler\, runtime\, OS\, or hardware—can undermine language-level security. \n  \nIn this talk\, I present my research towards delivering on the promise of language-level security by building an execution stack that guarantees that these security properties are preserved. In particular\, I will describe how three of my systems\, VeriWasm\, WaVe\, and VTock\, guarantee safety of the compiler\, language runtime\, and OS respectively. I will focus on how the designs of these systems provide formal guarantees while still adhering to production constraints that allow them to be deployed in real systems used by millions of users. I will conclude by discussing some future directions for this work\, such as retrofitting formal safety guarantees to safety-critical embedded systems and clean-slate OS design using language-level isolation.
URL:https://seasevents.nmsdev7.com/event/cis-seminar-realizing-the-promise-of-language-level-security-in-real-systems/
LOCATION:Levine 307\, 3330 Walnut Street\, Philadelphia\, PA\, 19104\, United States
ORGANIZER;CN="Computer and Information Science":MAILTO:cherylh@cis.upenn.edu
END:VEVENT
END:VCALENDAR