Send message to Author

Short abstract

In this talk I examine how security research has challenged previously stable interfaces between hardware and software, and argue that the concept of interface work may offer resources for reasoning about the implications.

Long abstract

In this talk I examine how security research has challenged previously stable interfaces between hardware and software, and argue that the concept of interface work may offer resources for reasoning about the implications.

The abstractions specified in instruction set architectures and memory standards define core functional interfaces on which software work depends, enabling analogue hardware to be treated as implementing specific digital functionality. The material properties of semiconductor hardware make direct scrutiny difficult, and details of the hardware design are often concealed for commercial purposes. Reasoning about computation thus conventionally rests on assumptions that standards and specifications accurately represent the functional properties of the hardware. However, in the 2010s security research into disturbance errors and transient execution vividly demonstrated that the functionality that hardware offers to a creative programmer is not reliably constrained by specification. Exploiting these vulnerabilities can entail the implementation of ‘weird machines’ with computational capacities that transgress those intended (Dullien 2017).

I go back to classic work on information hiding, and David Parnas’s characterisation of modularity in terms of ‘responsibility assignment’ (1972, Colburn and Shute 2011), and Melvin Conway’s observations of emergent homomorphism between social organisation and software architecture (1968). If computer science and software engineering understood interfaces in terms of intended divisions of labour, recent vulnerability research pushes us to question the power of the designer to define what interfaces are possible. Adversarial interface work, then, is a set of social processes that explores the possibility space for adversarial agency, increasingly crucial for security today.