My research focuses on improving the security, efficiency, and scalability of modern computing systems through architectural and microarchitectural innovations. I develop deployable hardware security mechanisms, including microcode-level enforcement and architectural compartmentalization, to protect commodity processors from memory corruption and transient execution attacks. In parallel, I design efficient interconnection architectures and develop simulation frameworks using gem5 to model heterogeneous and disaggregated systems. My work bridges processor architecture, hardware security, and system-level modeling to enable secure and high-performance computing platforms.

Hardware Security and Microcode-Based Enforcement

My current research investigates microcode-level security mechanisms that enforce memory safety and compartmentalization beneath the ISA boundary. As part of this effort, I contribute to the development of architectural mechanisms that provide fine-grained memory protection and compartmentalization. I currently serve as a Co-Principal Investigator on the ONR-funded TrustedCPU project, where I design microcode-level enforcement mechanisms to mitigate memory corruption and transient execution attacks. This work explores architectural security enforcement integrated within the processor front-end and decode pipeline, enabling fine-grained isolation and secure execution while maintaining compatibility with existing systems. 

This work explores:

• Microcode-based enforcement of spatial and temporal memory safety

• Hardware defenses against heap memory corruption attacks

• Secure processor execution for legacy software environments

• Front-end pipeline and decode-stage security mechanisms

Computer Architecture and Network-on-Chip Systems

My doctoral research focused on improving the reliability, efficiency, and lifetime of Network-on-Chip (NoC) interconnects using emerging memory technologies. This work addressed key challenges, including write endurance, energy efficiency, and performance scalability in modern multicore and accelerator-based systems. I developed architectural techniques such as endurance-aware buffering, adaptive write reduction, and secure routing mechanisms to improve system reliability and resilience.

This work contributes to:

• Efficient interconnect design for modern processors

• Architecture support for emerging memory technologies

• Scalable interconnection systems for accelerator-rich platforms

Modeling Heterogeneous Systems and Disaggregated Memory

I develop architectural simulation frameworks using gem5 to model heterogeneous, multi-ISA systems and disaggregated memory architectures, including CXL-based memory systems. This work enables detailed performance, correctness, and security evaluation of modern composable computing environments. My research focuses on modeling secure data movement, architectural isolation mechanisms, and system-level interactions across CPUs, accelerators, and shared memory systems.

This research investigates:

• Modeling multi-ISA heterogeneous systems

• Simulation-driven architectural design and evaluation

• Architecture support for disaggregated and composable memory systems

• Performance and security analysis of modern system architectures

My long-term research goal is to design secure and scalable computer architectures that provide strong hardware-rooted security guarantees while maintaining high performance. I aim to develop deployable architectural mechanisms that protect modern computing systems across processors, accelerators, and disaggregated memory environments.

My research is supported by federally funded programs focused on secure and resilient computing systems. I actively contribute to projects spanning hardware security, microcode-based protection mechanisms, and secure computer architecture.

Office of Naval Research (ONR) — Applied Cyber Resiliency Program

Project: TrustedCPU: Formally Verified Microcode Customization for Security Exploit Mitigation

Role: Co-Principal Investigator (Co-PI)

Institution: Systems Software Research Group (SSRG), Virginia Tech

This ONR-funded project investigates microcode customization as a deployable security mechanism for commodity processors. The goal is to mitigate security exploits—including memory corruption and transient/speculative execution attacks—by enforcing security checks beneath the ISA boundary, without requiring ISA changes, compiler modifications, or application rewrites. A key emphasis of TrustedCPU is formal verification, enabling high assurance that microcode-level security policies are correct and robust. My work focuses on designing microcode-level enforcement mechanisms that support compartmentalization and capability-style checks at/around instruction decode and execution, and on evaluating security performance trade-offs in realistic system settings.

DARPA VSPELL / BARC Program — Input-Oriented Object Compartmentalization (IOCS)

Role: Research Contributor

Institution: Systems Software Research Group (SSRG), Virginia Tech

My IOCS (Input-Oriented Compartmentalization System) research introduces a fully automated framework for fine-grained software compartmentalization to mitigate memory corruption vulnerabilities. The core idea is to automatically identify data derived from external inputs using a hybrid taint analysis that combines both static and dynamic techniques to precisely track how untrusted input propagates through a program. IOCS then enforces security by rewriting the program’s assembly code to isolate each input-derived data object into its own dedicated memory compartment, preventing unauthorized access and limiting the impact of exploits such as buffer overflows or privilege escalation. Unlike prior approaches that require manual annotations or specialized hardware, IOCS operates directly at the binary level, enabling transparent, architecture-agnostic protection. The system includes formal verification to ensure correctness of the rewritten code and demonstrates strong security guarantees with minimal performance overhead (as low as ~3% in real-world applications like Nginx), making it a practical and deployable solution for improving software memory safety.

DARPA / Synopsys Automated Implementation of Secure Silicon (AISS) Program

Role: Task Lead and Research Lead 

Institution: Trustworthy and Intelligent Systems Lab, University of Florida

As part of the DARPA/Synopsys AISS program, I led two major project tasks focused on configurable cryptographic hardware and hardware threat analysis. I led a team of researchers in the development, validation, and security analysis of cryptographic hardware and software modules, including AES, RSA, ECDSA, ECIES, and SHA.

My research contributions included developing automated FSM encoding techniques to defend against laser fault injection attacks, improving hardware resilience while maintaining area efficiency. This work was published at the IEEE International Conference on Computer Design (ICCD), 2022, and extended for elliptic curve cryptographic modules. I also conducted hardware threat analysis, including malicious implant detection, hardware Trojan benchmarking, finite-state machine security validation, and mitigation of fault injection vulnerabilities. Additionally, I managed project deliverables, coordinated research tasks, and contributed to secure hardware design workflows aligned with DARPA's hardware assurance objectives.

Other Research Projects

Software/Hardware Co-Design for Mitigating Speculative Execution Side-Channel Attacks

Role: Research Collaborator

Institution: National University of Singapore (NUS)

At the National University of Singapore, I worked on hardware/software co-design techniques to mitigate speculative execution side-channel attacks such as Spectre and Meltdown. This work focused on improving secure processor execution without sacrificing performance by enabling the processor to continue executing safe instructions while security checks are performed.

My contributions included extending compiler analysis to identify control- and data-independent instructions and providing metadata to the processor to safely bypass unnecessary execution restrictions. I implemented and evaluated the proposed design using the gem5 architectural simulator and demonstrated improvements in processor performance and pipeline utilization while maintaining strong security guarantees. This work explored compiler-informed secure execution models, reorder buffer (ROB) restriction management, and architectural support for secure speculative execution.

This research strengthened my expertise in secure processor architecture, hardware/software co-design, speculative execution mitigation, and architectural simulation.

Future Funding Directions

My research agenda aligns with several major federal funding programs supporting secure and efficient computer architecture and hardware security research, including:

• National Science Foundation (NSF): Future Computing Research (Future CoRe): Systems and Hardware Foundations (SHF) program

• NSF Secure and Trustworthy Cyberspace (SaTC) program

• DARPA Microsystems Technology Office (MTO)

• Office of Naval Research (ONR)

I actively work on developing research proposals in these areas to support secure, scalable, high-performance computing architectures.