Hardware-Software Interface (WiCS Seminars 2026 Week 6)
Why It Matters
Memory‑safety flaws cost billions in breaches; hardware‑assisted defenses are essential for protecting critical software ecosystems.
Key Takeaways
- Memory‑safety flaws cause ~70% of critical security bugs in major software.
- C and C++ lack automatic memory management, increasing vulnerability risk.
- Hardware‑assisted techniques like ROP mitigation can enforce memory safety.
- CVE databases catalog vulnerabilities, guiding patches and hardware‑software defenses.
- Upcoming seminars will cover hardware‑software interface and admissions info.
Summary
The final WiCS seminar focused on the hardware‑software interface, zeroing in on memory‑safety vulnerabilities that dominate modern cyber‑risk. Presenter Tenhu, a first‑year Cambridge PhD, explained how low‑level bugs in C/C++—from buffer overflows to use‑after‑free—fuel attacks such as WannaCry ransomware and return‑oriented programming exploits. Key insights highlighted that roughly 70% of critical security bugs stem from memory‑safety flaws, that CVE databases systematically track these issues, and that hardware‑assisted mechanisms (e.g., ROP mitigation, pointer‑bounds checking) can dramatically improve protection. The talk contrasted unsafe languages with managed runtimes like Java or Python, noting that even those rely on unsafe C/C++ cores. Examples included audience‑generated attack vectors, a live ROP demo on a vulnerable C program, and a clarification that C# is generally memory‑safe due to its runtime. The presenter emphasized pointers as the bridge between software and hardware, explaining spatial and temporal errors that lead to corruption. Implications are clear: enterprises must adopt hardware‑assisted memory‑safety solutions and prioritize patching CVE‑listed bugs, while students are encouraged to explore research at the intersection of hardware design and secure software development.
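The spatial and temporal pointer errors described above, and the kind of check a pointer-bounds mechanism performs on each access, can be shown as a small software model. This is an added example, not code from the seminar; every name in it (cptr_t, cp_alloc, cp_store and so on) is hypothetical, and it assumes a fixed pool of slots in place of a real heap and of real hardware metadata.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
/* Software model only; hardware-assisted schemes hold this metadata in hardware. */
enum { CP_OK = 0, CP_SPATIAL = -1, CP_TEMPORAL = -2, SLOTS = 4, SLOT_SIZE = 16 };
static struct { uint32_t gen; int live; unsigned char data[SLOT_SIZE]; } pool[SLOTS];

/* A checked pointer carries its bounds and the generation it was issued under. */
typedef struct { int slot; size_t len; uint32_t gen; } cptr_t;

cptr_t cp_alloc(size_t len) {
    cptr_t p = { -1, 0, 0 };                 /* slot -1 marks a failed allocation */
    if (len == 0 || len > SLOT_SIZE) return p;
    for (int i = 0; i < SLOTS; i++) {
        if (pool[i].live) continue;
        pool[i].live = 1;
        pool[i].gen++;                       /* new generation invalidates stale pointers */
        p.slot = i; p.len = len; p.gen = pool[i].gen;
        break;
    }
    return p;
}

static int cp_check(cptr_t p, size_t off) {
    if (p.slot < 0 || p.slot >= SLOTS) return CP_TEMPORAL;   /* never valid */
    if (!pool[p.slot].live || pool[p.slot].gen != p.gen) return CP_TEMPORAL;
    if (off >= p.len) return CP_SPATIAL;                     /* outside the object */
    return CP_OK;
}

int cp_free(cptr_t p) {                      /* a double free is a temporal error too */
    int r = cp_check(p, 0);
    if (r == CP_OK) pool[p.slot].live = 0;
    return r;
}

int cp_store(cptr_t p, size_t off, unsigned char v) {
    int r = cp_check(p, off);
    if (r == CP_OK) pool[p.slot].data[off] = v;   /* write happens only after the check */
    return r;
}

int main(void) {
    cptr_t p = cp_alloc(8);
    printf("store p[8] -> %d (spatial)\n", cp_store(p, 8, 'A'));
    cp_free(p);
    cptr_t q = cp_alloc(8);                  /* reuses the slot p pointed to */
    printf("store via stale p -> %d (temporal)\n", cp_store(p, 0, 'A'));
    printf("store via q -> %d\n", cp_store(q, 0, 'A'));
    return 0;
}
```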