Gedare Bloom


This page describes my research projects more-or-less in reverse chronological order. See also my publications and software.


My research area is in real-time/embedded systems (RT/ES) focusing on the cross-cutting concerns of security and predictability. My research applies the areas of operating systems, computer architecture, computer security, and programming languages/compilers.

To conduct RT/ES research, I have developed experimental infrastructures using modified cycle-accurate processor simulators including SimpleScalar, GEMS, and gem5. With these simulators I have used bare-metal, the Linux kernel, Composite OS, and the RTEMS real-time operating system to evaluate my research.

Automotive Cyber Security

National Science Foundation NSF CNS 1646317 and CNS 2011620. Project Webpage

This project investigates security protocols and mechanisms that maintain safe operations for network-connected and autonomous automotive vehicles. I am currently pursuing two broad directions:

  1. Develop algorithms and methods for an in-vehicle network intrusion detection system that can detect attacks on the (CAN) network and transition vehicular subsystems into fail-safe/fail-operational modes.
  2. Improve our understanding of the attack surface that a connected car exposes and the vulnerabilities that may be exploited remotely.


Industrial Control System Security

National Science Foundation Supported in part by NSF OAC 1839321 and OAC 2001789

This project investigates security for the EPICS/RTEMS open-source software ecosystem in support of scientific industrial control systems.


Hardware Data Structures

For my dissertation, I studied hardware support (circuit-level parallelism) for improving the performance of data structures. I investigated how OS support helps applications to use the hardware, and applied my methods to real-time systems (GPS navigation, image processing) and distributed access control.


Untrusted IC Fabrication—IC Supply Chain

A newer field of study is the problem of malicious changes made to integrated circuits (IC or chip). These malicious changes, called Trojan circuits (or hardware Trojans), are an active area of study. Trojan circuits are a problem because ICs are manufactured in untrusted semiconductor fabrication plants (fabs or foundries). Untrusted fabrication also introduces the threats of intellectual property (IP) theft and counterfeit or cloned chips.

I looked into methods of active detection of Trojan circuit behavior at runtime; my work is contrary to most other research, which focuses on detection in a lab setting. By adding some simple, verifiable hardware logic at the board level (plug a card in to your motherboard), we can detect Trojan circuits when they make their move.

I also propose novel methods for fabs to increase trust in their processes by adding audit and tracking mechanisms.


Hardware Containers for Software Security

In the hardware containers project, I worked closely with Eugen Leontie and others to investigate hardware approaches for fine-grained memory access control. Our solution enables software developers to enforce memory protection in software components as small as C functions. Our code is available on GitHub with a modified SimpleScalar and modified GEMS.


Distributed Systems

My research career started out in parallel programming with the MTU UPC Group and distributed systems with Jonathan Stanton’s project, the Spread Messaging Toolkit. Although I did not go very far along this path, the general area continues to interest me.

Secure Bulletin Board (SecBB)

Critical to many electronic voting systems, a secure bulletin board provides append-only, globally-visible storage. Verifying operations with a secure bulletin board is simple: post items to the board and the entire world can verify their contents. Unfortunately, most current implementations require trusting a central (third) party.

One approach could use replicated servers and copy posted messages to each replica. Then, a majority of messages that are read exactly the same are taken as the correct message. I have implemented such a service, using a group messaging system and some cryptographic primitives. If a majority of the servers are correct, a posted message will remain immutable. Although the implementation is not production-quality, initial performance results are promising for even large precinct elections (4 million voters).

Mixnet Privacy

The gap between the practical and theoretical number of permutations that can be generated using a pseudorandom number generator (PRNG), when combined with randomized partial checking, introduces privacy loss. However, the privacy loss is of a theoretical nature: as long as the PRNG maintains the seed entropy at a level that is computationally infeasible to brute-force, then this gap does not indicate loss of privacy.