Community-Building Workshop on Programmable System Security in a Software-Defined World
- View All
We increasingly live in a software-defined world where systems that were once implemented as rigid control systems or fixed-function hardware systems are now highly programmable through software interfaces that decouple underlying hardware details and offer remote control and centralized management. Early examples of software-defined systems (SD-X) include multi-tenant clouds, software-defined networking (SDN), network functions virtualization (NFV), software-defined infrastructure (SDI), and software-defined radios (SDR). While SD-X technologies have rapidly proliferated within industry and received considerable systems research attention, the paradigm has not been fully exploited in approaching a wide array of important security challenges. The objective of this workshop is to identify those research challenges and opportunities to exploit SD-X approaches in making system security more programmable, agile, orchestrated, and intelligent. This workshop creates a much-needed opportunity for a cross-cutting group of researchers to fill out the vision of what programmable security based on SD-X could be, including research challenges, long-term visions, and key issues. In the process, this workshop will promote a more focused community and vision where traditionally disparate communities previously worked in isolation and without a more ambitious system security vision within the context of complex software-defined infrastructures. The workshop report will be made available to the public via the workshop website.Broad directions to be considered by the workshop attendees include, but are not limited to: (1) new abstractions for data/control planes aimed specifically at security, (2) new architectures that integrate diverse SD-X domains (networking, processing, storage, etc.) for a more powerful and comprehensive security framework, (3) new programming and language paradigms for programmable security, (4) a better understanding of attack surfaces and adversarial methods within modern software-defined infrastructures, (5) new formal and experimental methodologies for reasoning about software-defined security, (6) the integration of emerging Artificial Intelligence/Machine Learning and data-driven capabilities into programmable system security, (7) new applications paradigms that exploit programmable paradigms in innovative ways, and (8) the application of programmable security approaches to emerging platforms and infrastructure domains. Overall, workshop participants will help to build community and define the vision of a new generation of security technologies in the rapidly expanding world of software-defined infrastructures and devices.This award reflects NSF''s statutory mission and has been deemed worthy of support through evaluation using the Foundation''s intellectual merit and broader impacts review criteria.