• Skip to primary navigation
  • Skip to main content
SRI logo
  • About
    • Press room
  • Expertise
    • Advanced imaging systems
    • Artificial intelligence
    • Biomedical R&D services
    • Biomedical sciences
    • Computer vision
    • Cyber & formal methods
    • Education and learning
    • Innovation strategy and policy
    • National security
    • Ocean & space
    • Quantum
    • QED-C
    • Robotics, sensors & devices
    • Speech & natural language
    • Video test & measurement
  • Ventures
  • NSIC
  • Careers
  • Contact
  • 日本支社
Search
Close
Home » Archives for Peter Neumann
Peter Neumann

Peter Neumann

Principal Scientist, Computer Science Laboratory
Go to bio page

Publications

Information & computer science publications October 1, 2017 Article

The Future of the Internet of Things

Peter Neumann

The IoT can become ubiquitous worldwide—if the pursuit of systemic trustworthiness can overcome the potential risks.

Information & computer science publications March 1, 2015 Conference Paper

Beyond the PDP-11: Architectural Support for a Memory-Safe C Abstract Machine

Peter Neumann

We propose a new memory-safe interpretation of the C abstract machine that provides stronger protection to benefit security and debugging. Despite ambiguities in the specifi- cation intended to provide implementation flexibility, contemporary implementations of C have converged on a memory model similar to the PDP-11, the original target for C. This model lacks support for memory safety despite welldocumented impacts on security and reliability. Attempts to change this model are often hampered by assumptions embedded in a large body of existing C code, dating back to the memory model exposed by the original C compiler for the PDP-11. Our experience with attempting to implement a memory-safe variant of C on the CHERI experimental microprocessor led us to identify a number of problematic idioms. We describe these as well as their interaction with existing memory safety schemes and the assumptions that they make beyond the requirements of the C specification. Finally, we refine the CHERI ISA and abstract model for C, by combining elements of the CHERI capability model and fat pointers, and present a softcore CPU that implements a C abstract machine that can run legacy C code with strong memory protection guarantees.

Information & computer science publications March 1, 2015 Conference Paper

Blueswitch: Enabling Provably Consistent Configuration of Network Switches

Peter Neumann

Previous research on consistent updates for distributed network configurations has focused on solutions for centralized networkconfiguration controllers. However, such work does not address the complexity of modern switch datapaths. Modern commodity switches expose opaque configuration mechanisms, with minimal guarantees for datapath consistency and with unclear configuration semantics. Furthermore, would-be solutions for distributed consistent updates must take into account the configuration guarantees provided by each individual switch – plus the compositional problems of distributed control and multi-switch configurations that considerably transcend the single-switch problems. In this paper, we focus on the behavior of individual switches, and demonstrate that even simple rule updates result in inconsistent packet switching in multi-table datapaths. We demonstrate that consistent configuration updates require guarantees of strong switch-level atomicity from both hardware and software layers of switches – even in a single switch. In short, the multiple-switch problems cannot be reasonably approached until single-switch consistency can be resolved. We present a hardware design that supports a transactional configuration mechanism, and provides packet-consistent configuration: all packets traversing the datapath will encounter either the old configuration or the new one, and never an inconsistent mix of the two. Unlike previous work, our design does not require modifications to network packets. We precisely specify the hardwaresoftware protocol for switch configuration; this enables us to prove the correctness of the design, and to provide well-specified invariants that the software driver must maintain for correctness. We implement our prototype switch design using the NetFPGA-10G hardware platform, and evaluate our prototype against commercial off-the-shelf switches.

Information & computer science publications May 1, 2014 Article

The IEEE Symposium on Security and Privacy, in Retrospect

SRI International, Peter Neumann

racing the history of computer security and privacy is a mammoth undertaking, somewhat resembling efforts to combine archaeology and ethnology with a compendium of past and foreseen risks— and how different courses of history might have affected those risks in different ways. (For example, the University of Minnesota’s NSF-funded collection of oral histories from infl uential people in this area is a wonderful eff ort to capture some this information; htt ps://wiki. umn.edu/CBI_ComputerSecurity/WebHome.) Tracing the history of the IEEE Symposium on Security and Privacy (SSP), the longest-running computer security research meeting, is considerably easier—and quite relevant to the somewhat shorter history of IEEE Security & Privacy magazine. Indeed, a previous article writt en for the proceedings of the 31st SSP did exactly that,1 so it seems unnecessary to duplicate it here. Instead, we focus more on SSP’s evolution and its vital relevance to the research and development communities along its path from community gathering to premier security research meeting. We highlight some of the technological and engineering paradigms that SSP stimulated or were refl ected in intense discussions that ensued, and also to some extent SSP’s potential impact on the world at large.

How can we help?

Once you hit send…

We’ll match your inquiry to the person who can best help you.

Expect a response within 48 hours.

Career call to action image

Make your own mark.

Search jobs

Our work

Case studies

Publications

Timeline of innovation

Areas of expertise

Institute

Leadership

Press room

Media inquiries

Compliance

Careers

Job listings

Contact

SRI Ventures

Our locations

Headquarters

333 Ravenswood Ave
Menlo Park, CA 94025 USA

+1 (650) 859-2000

Subscribe to our newsletter


日本支社
SRI International
  • Contact us
  • Privacy Policy
  • Cookies
  • DMCA
  • Copyright © 2022 SRI International