INESC-ID researchers publishes book
João Madeiras Pereira, Mário Rui Gomes, Alfredo Ferreira, researchers at INESC-ID, António Fernando Coelho (FEUP) and João Brisson (IST), published in May 2018, the book “Introdução à Computação Gráfica “. This work presents the bases and concepts that allow to understand and apply the various…
Call for Submissions – TPDL 2018 Conference /Digital Libraries for Open Knowledge
The Joint TPDL / Dublin Core 2018 Doctoral Consortium, is a collaboration of the TPDL 2018 and Dublin Core 2018 conferences, which will be held in Porto, Portugal, on September 10th 2018. The purpose of JTDC 2018 is to provide to doctoral students a friendly…
Best Paper Award at the XXI Ibero-American Conference on Software Engineering
Luís Cruz and Rui Abreu, both researchers at INESC-ID (in the Information and Decision Support Systems research area) won a Best Paper Award at the XXI Ibero-American Conference on Software Engineering SET Track, with the paper “Using Automatic Refactoring to Improve Energy Efficiency of Android…
INESC-ID Researchers wins “Best Paper Award”
The paper titled “Software-Defined Data Services: Interoperable and Network-Aware Big Data Executions”, received a Best Paper Award at IEEE SDS 2018 (International Conference on Software Defined Systems). Pradeeban Kathiravelu and Luís Veiga, researchers at INESC-ID, co-wrote the paper with Peter Van Roy (UCLouvain). In this…
Upcoming Events
3rd INESC-ID Security & Privacy Talk by Sandro Pinto (Centro Algoritmi, UMinho)
On May 23, Sandro Pinto will present the 3rd INESC-ID Security & Privacy Talk titled: “You were BUSted!!! Microarchitectural Timing Side-Channel Attacks on Arm Microcontrollers are Practical”.
Date: May 23, 2024
Time: 15h00-16h00
Where: INESC-ID, Alves Redol Building, Auditorium (Room 9), Ground Floor
Abstract:
The discovery of Spectre and Meltdown has turned systems security upside down. These attacks have opened a novel frontier for exploration to hackers and shed light on the untapped potential of hidden transient states created by shared microarchitectural resources. Since then, we have witnessed the rise of a plethora of effective software-based microarchitectural timing side-channel attacks capable of breaking and bypassing the security (isolation) boundaries of numberless processors from mainstream CPU vendors (Intel, AMD, Arm). Notwithstanding, one class of computing systems apparently is resilient to these attacks: microcontrollers (MCUs). MCUs are shipped in billions annually and are at the heart of every embedded and IoT device. There is a common belief that MCUs are not vulnerable to these attacks because their microarchitecture is intrinsically simple.
In this talk, we present BUSted. BUSted is a novel side-channel attack that explores the side effects of the MCU bus interconnect arbitration logic to bypass security guarantees enforced by memory protection primitives. First, we provide evidence of the existence of this channel on multiple platforms. Then, we explain the building blocks, the overall methodology, and the main challenges we faced in successfully mounting the attack. To close our talk, we discuss and demonstrate how to bypass the isolation guarantees of TrustZone-M on a state-of-the-art MCU. We present this attack emulating a secure smart lock IoT application.
Bio:
Sandro Pinto is an Associate Research Professor at the University of Minho, Portugal. He holds a Ph.D. in Electronics and Computer Engineering. Sandro has a deep academic background and several years of industry collaboration focusing on operating systems, virtualization, and security for embedded and IoT systems. He has published 100+ scientific papers in top-tier conferences/journals (e.g., IEEE S&P Oakland, USENIX Security, Euro S&P) and is a skilled presenter with speaking experience in several high-profile conferences (e.g., Black Hat, HArdwear.io, RISC-V Summit). Sandro is a long-term supporter of open source. He co-founded the open-source Bao Project and is actively pushing for RISC-V.
INESC-ID Distinguished Lecture: “(Programming Languages) in Agda = Programming (Languages in Agda)” by Professor Philip Wadler (UEdin)
On June 4, Professor Philip Wadler will give an INESC-ID Distinguished Lecture organized in the scope of the BIG ERA Chair Project, titled “(Programming Languages) in Agda = Programming (Languages in Agda)”.
Registration: here (free but mandatory)
Date: June 4, 2024
Time: 15h00-16h15
Where: Anfiteatro Abreu Faro – Complexo Interdisciplinar, Instituto Superior Técnico (Alameda)
Abstract: The most profound connection between logic and computation is a pun. The doctrine of Propositions as Types asserts that propositions correspond to types, proofs to programs, and simplification of proofs to evaluation of programs. Proof by induction is just programming by recursion. Finding a proof becomes as fun as hacking a program. Dependently-typed programming languages, such as Agda, exploit this pun. This talk introduces *Programming Language Foundations in Agda*, a textbook that doubles as an executable Agda script—and also explains the role Agda plays in IOG’s Cardano cryptocurrency.
Short Bio: Philip Wadler is a Professor of Computer Science at the University of Edinburgh and a Senior Research Fellow at IOHK. He is a Fellow of the Royal Society, a Fellow of the Royal Society of Edinburgh, and an ACM Fellow. He is head of the steering committee for Proceedings of the ACM, past editor-in-chief of PACMPL and JFP, past chair of ACM SIGPLAN, past holder of a Royal Society-Wolfson Research Merit Fellowship, winner of the SIGPLAN Distinguished Service Award, and a winner of the POPL Most Influential Paper Award. Previously, he worked or studied at Stanford, Xerox Parc, CMU, Oxford, Chalmers, Glasgow, Bell Labs, and Avaya Labs, and visited as a guest professor in Copenhagen, Sydney, and Paris. He has an h-index of over 70 with more than 25,000 citations to his work, according to Google Scholar. He contributed to the designs of Haskell, Java, and XQuery, and is co-author of Introduction to Functional Programming (Prentice Hall, 1988), XQuery from the Experts (Addison Wesley, 2004), Generics and Collections in Java (O’Reilly, 2006), and Programming Language Foundations in Agda (2018). He has delivered invited talks in locations ranging from Aizu to Zurich.
Philip Wadler likes to introduce theory into practice, and practice into theory. An example of theory into practice: GJ, the basis for Java with generics, derives from quantifiers in second-order logic. An example of practice into theory: Featherweight Java specifies the core of Java in less than one page of rules. He is a principal designer of the Haskell programming language, contributing to its two main innovations, type classes and monads. The YouTube video of his Strange Loop talk Propositions as Types has over 100,000 views. Wadler is also area leader for programming languages at IOHK (now Input Output Global), the blockchain engineering company developing Cardano. He has contributed to work on Plutus, a Turing-complete smart contract language for Cardano written in Haskell; the UTXO ledger system, native tokens, and System F in Agda.
Educational Workshop on Responsible AI for Peace and Security (UNODA)
On June 6 and 7, The United Nations Office for Disarmament Affairs (UNODA) and the Stockholm International Peace Research Institute (SIPRI) are offering a selected group of technical students the opportunity to join a 2-day educational workshop on Responsible AI for peace and security.
The third workshop in the series will be held in Porto Salvo, Portugal, in collaboration with GAIPS, INESC-ID, and Instituto Superior Técnico. The workshop is open to students affiliated with universities in Europe, Central and South America, the Middle East and Africa, Oceania, and Asia.
Date & Time: June 6 a 7
Where: IST – Tagus Park, Porto Salvo
Registration deadline: April 8
Summary: “As with the impacts of Artificial intelligence (AI) on people’s day-to-day lives, the impacts for international peace and security include wide-ranging and significant opportunities and challenges. AI can help achieve the UN Sustainable Development Goals, but its dual-use nature means that peaceful applications can also be misused for harmful purposes such as political disinformation, cyberattacks, terrorism, or military operations. Meanwhile, those researching and developing AI in the civilian sector remain too often unaware of the risks that the misuse of civilian AI technology may pose to international peace and security and unsure about the role they can play in addressing them. Against this background, UNODA and SIPRI launched, in 2023, a three-year educational initiative on Promoting Responsible Innovation in AI for Peace and Security. The initiative, which is supported by the Council of the European Union, aims to support greater engagement of the civilian AI community in mitigating the unintended consequences of civilian AI research and innovation for peace and security. As part of that initiative, SIPRI and UNODA are organising a series of capacity building workshops for STEM students (at PhD and Master levels). These workshops aim to provide the opportunity for up-and-coming AI practitioners to work together and with experts to learn about a) how peaceful AI research and innovation may generate risks for international peace and security; b) how they could help prevent or mitigate those risks through responsible research and innovation; c) how they could support the promotion of responsible AI for peace and security.”