project based in trusted computing

Sir,
I am a M.tech student of Computer Science and Engineering Department ,Indian Institute of technology, Kharagpur(India).
I have to do a project in trusted computing field. I went through LLVM Project site. and I want to work in some project of LLVM.
Can u suggest me some project which is somehow related to trusted computing and i can work on that ?
In hope of your reply,

Amit Suthar
M.tech Student
Computer Science and Engineering Department,
IIT Kharagpur
West Bengal (INDIA)

amit suthar wrote:

Sir,
          I am a M.tech student of Computer Science and Engineering
Department ,Indian Institute of technology, Kharagpur(India).
I have to do a project in trusted computing field. I went through LLVM
Project site. and I want to work in some project of LLVM.
Can u suggest me some project which is somehow related to trusted
computing and i can work on that ?
In hope of your reply,

There are three LLVM/Clang-related projects that focus on security:

1) The SAFECode compiler, which provides memory safety guarantees nearly
as strong as those found in type-safe languages (such as Java). The
source code isn't publicly distributed yet (I'm working on it), but we
can get you an early copy if you need it.

2) The SoftBound project, which provides dynamic array bounds checking
for code compiled to LLVM. This is publicly available for LLVM 2.5 from
http://www.cis.upenn.edu/acg/softbound/.

3) The Clang static analyzer, which is a source-level analyzer that
looks for bugs in programs. It is publicly available at
http://cfe.llvm.org. It is based on Clang; the new C frontend built for
LLVM.

There are numerous projects that you could do that are security
related. Some of them build upon the projects listed above. Some ideas
are:

1) There are a number of improvements that could be made to the SAFECode
compiler to improve its performance. For example, you could write a new
static array bounds checking pass for SAFECode. I believe someone in
the LLVM community is developing a pass like this for mainline LLVM, but
I don't know the status of that project. Alternatively, you could
implement some value-range analysis pass that provides more accurate
results than what currently exists in LLVM.

2) You could implement something like PointGuard or Data Space
Randomization (use Google Scholar to find the papers on these technologies).

3) You could enhance the clang static analyzer to perform
security-related analyses that have not already been implemented or
improve those that already exist.

4) You could implement a Software Fault Isolation system (like SFI, XFI,
or BGI (recently published in SOSP 2009)) in LLVM.

I'm sure there are many things you can do. I recommend reading up on
the security literature and picking something that interests you.

If you're interested in SAFECode, please email me off list.

Regards,

-- John T.

4) You could implement a Software Fault Isolation system (like SFI, XFI,
or BGI (recently published in SOSP 2009)) in LLVM.

How much interest in the wider community would there be for being able to generate code that complies with SFI validation rules? One part of my project is looking into re-implementing SFI for the LLVM x86 backend based on the Google NaCl project's GCC patches. I was wondering if there might be value in getting that into mainline somewhere down the road.