In this talk, I will describe a new design principle for security: the hardware-up principle. Hardware-up security means that systems should be secured starting from hardware instead of the existing popular approach where software layers are secured, assuming that the lower layers are secure when they are not. I will discuss how systems designed for security from hardware-up offer unique advantages unavailable in current protection systems: a smaller attack surface, energy-efficient execution, and the ability to reason about security compositionally.
I had the privilege of being the first speaker at the First Annual Symposium on Computer Architecture in 1973. Over the last 40 years I have worked on PDP-11, VAX, MIPS, Alpha, x86, Itanium, and ARM processors and systems. Moore’s Law has enabled computer architects to increase the pace of innovation and the development of microprocessors with new instruction sets. In the 1970s, minicomputers from Digital Equipment Corporation, Data General and Hewlett Packard started to challenge IBM mainframes. The introduction of the 32-bit VAX-11/780 in 1978 was a landmark event.