The SPARCHS Project: Hardware Support for Software Security
Current security research is largely oriented to top-down design, where the most exposed layers - the network/application layers - are first studied assuming the lower layers are secure, even when they are not. The lower layers are studied when new threats appear at those layers. Security, thus, has become an arms race to the bottom. For every software mitigation strategy today, vulnerabilities in the software layer below it can be used to attack and weaken the mitigation strategy. There are many examples of such attacks in the literature including those attacks that target anti-virus, libraries, operating systems, hypervisors, and BIOS routines.