Michael LeMay

Michael LeMay

Senior Staff Research Scientist

Intel Labs

Biography

Research Scientist with a focus on memory management architectures for security.

Interests
  • Formal specification and verification
  • Compiler-based security hardening
  • Anti-malware techniques
  • Computer architecture
  • Operating systems and virtualization
Education

  • MS, PhD, and Postdoc in Computer Science, 2012

    University of Illinois at Urbana-Champaign

  • BS in Computer Science, 2005

    University of Wisconsin-Eau Claire

Experience

 
 
 
 
 
Senior Staff Research Scientist
Intel Labs
Jun 2012 – Present Oregon

My research has generated or influenced hardware and software security architectures deployed on a large proportion of computer systems in use today.

I have contributed to shipping processor security technologies, including Control-Flow Enforcement Technology (CET) and VT-Redirect Protection (VT-rp).

Principal Investigator for Intel’s project on Cryptographic Capability Computing (C3) in the DARPA HARDEN program.

I designed and co-developed deterministic spatial safety support for MiraclePtr in the Chrome browser.

My LLVM-based research on shielding stack memory from corruption helped lead to a 2022 paper in a top-tier programming languages conference covered by ZDNet.

I also researched approaches for scalable isolation, e.g., using segmentation to accelerate WebAssembly (upstreamed in wasm2c).

 
 
 
 
 
PhD Student and Postdoc
University of Illinois at Urbana-Champaign
Sep 2005 – May 2012 Illinois

Advisor: Carl A. Gunter

National Defense Science and Engineering Graduate (NDSEG) Fellow

PhD Dissertation: Compact Integrity-Aware Architectures

MS Thesis: Dependable Emergency-Response Networking Based on Retaskable Network Infrastructures

TA for Advanced Computer Security (Instructor: Carl A. Gunter)

TA for Advanced Operating Systems (Instructor: Samuel T. King)

Projects

Memory safety with no additional metadata
The Chromium team has developed BackupRefPtr, which seeks to deterministically enforce temporal memory safety. I developed an extension to BackupRefPtr to also deterministically enforce spatial memory safety (e.g., to mitigate buffer overflows). It does not require storing any additional metadata beyond what the underlying allocator already uses, although it is stateful due to needing the allocator metadata to be loaded during spatial safety checks. It operates by checking that the pointer stays within valid bounds any time the pointer is updated.
Michael LeMay
FPGA-powered candy dispenser
Touchless dispensing with a photoresistor sensor and a PWM-controlled servo
Michael LeMay
Using Intel MPX or segmentation to harden SafeStack
Configuring MPX bounds registers or 32-bit segment registers and extending LLVM and Clang to instrument code to help prevent corruption of the safe stacks.
Michael LeMay
HTTP-controlled MIDI alert bell connected via Ethernet
Based on Contiki OS with the lightweight X86 protection domain support that I implemented.
Michael LeMay
Python X10 CM19A driver (unofficial)
Unofficial driver for the X10 CM19A remote control interface in Python, now maintained by Burns Fisher.
Michael LeMay
X86 lightweight protection domain support for Contiki
Memory management based on paging, software-switched segments, or hardware task switching.
Michael LeMay

Other Publications

Quickly discover relevant content by filtering publications.
Matthew Kolosick, Shravan Narayan, Evan Johnson, Conrad Watt, Michael LeMay, Deepak Garg, Ranjit Jhala, Deian Stefan (2021). Isolation Without Taxation: Near Zero Cost Transitions for SFI. Foundations of Computer Security (FCS).

PDF Project

Yong Yang, Lu Su, Mohammad Maifi Khan, Michael LeMay, Tarek F. Abdelzaher, Jiawei Han (2014). Power-Based Diagnosis of Node Silence in Remote High-End Sensing Systems. ACM Transactions on Sensor Networks (ToSN).

PDF DOI

Jonathan Edwards, Ken Grewal, Michael LeMay, Scott H. Robinson, Ravi Sahita, Carl Woodward (2014). Protecting Sensor Data from Malware Attacks (pages 178-197). Intel Technology Journal (ITJ).

PDF

Omid Fatemieh, Michael LeMay, Carl A. Gunter (2011). Reliable telemetry in white spaces using remote attestation. Annual Computer Security Applications Conference (ACSAC).

PDF Slides DOI

Yong Yang, Lu Su, Mohammad Khan, Michael LeMay, Tarek Abdelzaher, Jiawei Han (2010). Diagnostic Powertracing for Sensor Node Failure Analysis. Information Processing in Sensor Networks (IPSN).

PDF DOI

Alejandro Gutierrez, Apeksha Godiyal, Matt Stockton, Michael LeMay, Carl A. Gunter, Roy H. Campbell (2009). Sh@re: Negotiated audit in social networks. Systems, Man and Cybernetics (SMC).

PDF DOI

Michael LeMay, Carl A. Gunter (2009). Cumulative Attestation Kernels for Embedded Systems. European Symposium on Research in Computer Security (ESORICS).

PDF Slides DOI

Michael LeMay, Jason J. Haas, Carl A. Gunter (2009). Collaborative Recommender Systems for Building Automation. Hawaii International Conference on System Sciences (HICSS).

PDF Slides DOI

Michael LeMay, Carl A. Gunter (2007). Supporting Emergency-Response by Retasking Network Infrastructures. HotNets.

PDF Slides

Michael LeMay, Omid Fatemieh, Carl A. Gunter (2007). PolicyMorph: interactive policy transformations for a logical attribute-based access control framework. Symposium on Access Control Models and Technologies (SACMAT).

PDF Slides DOI

Michael LeMay, George Gross, Carl A. Gunter, Sanjam Garg (2007). Unified Architecture for Large-Scale Attested Metering. Hawaii International Conference on System Sciences (HICSS).

PDF Slides DOI

Michael LeMay, Jack Tan (2006). Acoustic Surveillance of Physically Unmodified PCs. Security and Management (SAM).

PDF Slides

Michael D. LeMay, Jack S.E. Tan (2004). Comprehensive message control and assurance with the secure email transport protocol. Electro/Information Technology (EIT).

DOI

Michael LeMay, Jack Tan (2004). Abstracting Low-Level Network Programming With ACE, a Pattern-Oriented Network Programming Framework. Software Engineering Research and Practice (SERP).

PDF

Patents

Issued patents:

  1. 12,032,486 (2024): Transient side-channel aware architecture for cryptographic computing
  2. 12,019,733 (2024): Compartment isolation for load store forwarding
  3. 12,019,562 (2024): Cryptographic computing including enhanced cryptographic addresses
  4. 12,008,374 (2024): Cryptographic enforcement of borrow checking
  5. 11,972,126 (2024): Data relocation for inline metadata
  6. 11,960,375 (2024): Apparatus and method for pausing processor trace for efficient analysis
  7. 11,954,045 (2024): Object and cacheline granularity cryptographic memory integrity
  8. 11,940,927 (2024): Technologies for memory tagging
  9. 11,922,220 (2024): Function as a service (FaaS) system enhancements
  10. 11,841,939 (2023): Technologies for object-oriented memory management with extended segmentation
  11. 11,838,418 (2023): Protection of keys and sensitive data from attack within microprocessor architecture
  12. 11,836,094 (2023): Cryptographic data objects page conversion
  13. 11,829,488 (2023): Pointer based data encryption
  14. 11,829,299 (2023): Technologies for execute only transactional memory
  15. 11,822,644 (2023): Technologies for object-oriented memory management with extended segmentation
  16. 11,797,678 (2023): Memory scanning methods and apparatus
  17. 11,789,737 (2023): Capability-based stack protection for software fault isolation
  18. 11,784,786 (2023): Mitigating security vulnerabilities with memory allocation markers in cryptographic computing systems
  19. 11,782,826 (2023): Security check systems and methods for memory allocations
  20. 11,782,716 (2023): Hardware apparatuses, methods, and systems for individually revocable capabilities for enforcing temporal memory safety
  21. 11,768,931 (2023): Technologies for object-oriented memory management with extended segmentation
  22. 11,741,018 (2023): Apparatus and method for efficient process-based compartmentalization
  23. 11,734,199 (2023): Enforcing memory operand types using protection keys
  24. 11,711,201 (2023): Encoded stack pointers
  25. 11,704,297 (2023): Collision-free hashing for accessing cryptographic computing metadata and for cache expansion
  26. 11,681,793 (2023): Technologies for object-oriented memory management with extended segmentation
  27. 11,669,625 (2023): Data type based cryptographic computing
  28. 11,630,920 (2023): Memory tagging for side-channel defense, memory safety, and sandboxing
  29. 11,620,391 (2023): Data encryption based on immutable pointers
  30. 11,580,035 (2023): Fine-grained stack protection using cryptographic computing
  31. 11,575,504 (2023): Cryptographic computing engine for memory load and store units of a microarchitecture pipeline
  32. 11,562,063 (2023): Encoded inline capabilities
  33. 11,531,750 (2022): Installing and manipulating a secure virtual machine image through an untrusted hypervisor
  34. 11,436,161 (2022): System for address mapping and translation protection
  35. 11,429,580 (2022): Collision-free hashing for accessing cryptographic computing metadata and for cache expansion
  36. 11,416,624 (2022): Cryptographic computing using encrypted base addresses and used in multi-tenant environments
  37. 11,416,414 (2022): Technologies for execute only transactional memory
  38. 11,409,662 (2022): Apparatus and method for efficient process-based compartmentalization
  39. 11,403,234 (2022): Cryptographic computing using encrypted base addresses and used in multi-tenant environments
  40. 11,392,492 (2022): Memory management apparatus and method for compartmentalization using linear address metadata
  41. 11,360,876 (2022): Apparatus and method for pausing processor trace for efficient analysis
  42. 11,354,423 (2022): Cryptographic isolation of memory compartments in a computing environment
  43. 11,321,469 (2022): Microprocessor pipeline circuitry to support cryptographic computing
  44. 11,250,165 (2022): Binding of cryptographic operations to context or speculative execution restrictions
  45. 11,222,127 (2022): Processor hardware and instructions for SHA3 cryptographic operations
  46. 11,216,366 (2022): Security check systems and methods for memory allocations
  47. 11,188,639 (2021): System, method and apparatus for automatic program compartmentalization
  48. 11,171,983 (2021): Techniques to provide function-level isolation with capability-based security
  49. 11,163,569 (2021): Hardware apparatuses, methods, and systems for individually revocable capabilities for enforcing temporal memory safety
  50. 11,144,479 (2021): System for address mapping and translation protection
  51. 11,080,401 (2021): Memory scanning methods and apparatus
  52. 11,036,850 (2021): Technologies for object-oriented memory management with extended segmentation
  53. 11,030,113 (2021): Apparatus and method for efficient process-based compartmentalization
  54. 10,884,952 (2021): Enforcing memory operand types using protection keys
  55. 10,860,709 (2020): Encoded inline capabilities
  56. 10,795,997 (2020): Hardened safe stack for return oriented programming attack mitigation
  57. 10,785,028 (2020): Protection of keys and sensitive data from attack within microprocessor architecture
  58. 10,769,272 (2020): Technology to protect virtual machines from malicious virtual machine managers
  59. 10,706,164 (2020): Crypto-enforced capabilities for isolation
  60. 10,642,752 (2020): Auxiliary processor resources
  61. 10,558,582 (2020): Technologies for execute only transactional memory
  62. 10,515,023 (2019): System for address mapping and translation protection
  63. 10,503,664 (2019): Virtual machine manager for address mapping and translation protection
  64. 10,453,114 (2019): Selective sharing of user information based on contextual relationship information, such as to crowd-source gifts of interest to a recipient
  65. 10,452,848 (2019): Memory scanning methods and apparatus
  66. 10,324,863 (2019): Protected memory view for nested page table access by virtual machine guests
  67. 10,318,733 (2019): Techniques for detecting malware with minimal performance degradation
  68. 10,235,301 (2019): Dynamic page table edit control
  69. 10,216,522 (2019): Technologies for indirect branch target security
  70. 10,157,277 (2018): Technologies for object-oriented memory management with extended segmentation
  71. 10,152,612 (2018): Cryptographic operations for secure page mapping in a virtual machine environment
  72. 10,104,122 (2018): Verified sensor data processing
  73. 10,061,918 (2018): System, apparatus and method for filtering memory access logging in a processor
  74. 10,007,784 (2018): Technologies for control flow exploit mitigation using processor trace
  75. 9,954,950 (2018): Attestable information flow control in computer systems
  76. 9,858,411 (2018): Execution profiling mechanism
  77. 9,830,162 (2017): Technologies for indirect branch target security
  78. 9,817,976 (2017): Techniques for detecting malware with minimal performance degradation
  79. 9,805,194 (2017): Memory scanning methods and apparatus
  80. 9,792,222 (2017): Validating virtual address translation by virtual machine monitor utilizing address validation structure to validate tentative guest physical address and aborting based on flag in extended page table requiring an expected guest physical address in the address validation structure
  81. 9,710,393 (2017): Dynamic page table edit control
  82. 9,703,703 (2017): Control of entry into protected memory views
  83. 9,665,373 (2017): Protecting confidential data with transactional processing in execute-only memory
  84. 9,501,637 (2016): Hardware shadow stack support for legacy guests
  85. 9,335,943 (2016): Method and apparatus for fine grain memory protection
  86. 9,124,635 (2015): Verified sensor data processing
  87. 8,458,791 (2013): Hardware-implemented hypervisor for root-of-trust monitoring and control of computer system
  88. 7,774,411 (2010): Secure electronic message transport protocol

Published patent applications:

  1. 17/936,011: DETERMINISTIC ADJACENT OVERFLOW DETECTION FOR SLOTTED MEMORY POINTERS
  2. 17/953,186: TEMPORAL INFORMATION LEAKAGE PROTECTION MECHANISM FOR CRYPTOGRAPHIC COMPUTING
  3. 17/949,353: USER-LEVEL EXCEPTION-BASED INVOCATION OF SOFTWARE INSTRUMENTATION HANDLERS
  4. 18/499,133: POINTER BASED DATA ENCRYPTION
  5. 17/886,981: SPECULATING OBJECT-GRANULAR KEY IDENTIFIERS FOR MEMORY SAFETY
  6. 17/853,087: REDUCING INSTRUMENTATION CODE BLOAT AND PERFORMANCE OVERHEADS USING A RUNTIME CALL INSTRUCTION
  7. 17/853,087: REDUCING INSTRUMENTATION CODE BLOAT AND PERFORMANCE OVERHEADS USING A RUNTIME CALL INSTRUCTION
  8. 17/849,351: CONTROL FLOW INTEGRITY TO PREVENT POTENTIAL LEAKAGE OF SENSITIVE DATA TO ADVERSARIES
  9. 17/957,814: MEMORY SAFETY WITH SINGLE MEMORY TAG PER ALLOCATION
  10. 17/848,142: IMPLICIT MEMORY CORRUPTION DETECTION FOR CONDITIONAL DATA TYPES
  11. 17/791,000: CRYPTOGRAPHIC COMPUTING IN MULTITENANT ENVIRONMENTS
  12. 17/947,072: UPDATING ENCRYPTED SECURITY CONTEXT IN STACK POINTERS FOR EXCEPTION HANDLING AND TIGHT BOUNDING OF ON-STACK ARGUMENTS
  13. 17/357,951: ZERO-REDUNDANCY TAG STORAGE FOR BUCKETED ALLOCATORS
  14. 17/855,261: STATELESS AND LOW-OVERHEAD DOMAIN ISOLATION USING CRYPTOGRAPHIC COMPUTING
  15. 17/854,814: CRYPTOGRAPHIC COMPUTING ISOLATION FOR MULTI-TENANCY AND SECURE SOFTWARE COMPONENTS
  16. 17/833,515: CRYPTOGRAPHIC ISOLATION OF MEMORY COMPARTMENTS IN A COMPUTING ENVIRONMENT
  17. 17/357,963: REGION-BASED DETERMINISTIC MEMORY SAFETY
  18. 17/704,771: TAGLESS IMPLICIT INTEGRITY WITH MULTI-PERSPECTIVE PATTERN SEARCH
  19. 17/696,330: RATCHET POINTERS TO ENFORCE BYTE-GRANULAR BOUNDS CHECKS ON MULTIPLE VIEWS OF AN OBJECT
  20. 17/699,593: CRYPTOGRAPHIC DATA OBJECTS PAGE CONVERSION
  21. 17/693,748: GENERATING ENCRYPTED CAPABILITIES WITHIN BOUNDS
  22. 17/682,997: COMPILER-DIRECTED SELECTION OF OBJECTS FOR CAPABILITY PROTECTION
  23. 17/561,828: PROCESS OBJECT RE-KEYING DURING PROCESS CREATION IN CRYPTOGRAPHIC COMPUTING
  24. 17/559,385: DATA OBLIVIOUS CRYPTOGRAPHIC COMPUTING
  25. 17/561,817: TYPED STORE BUFFERS FOR HARDENING STORE FORWARDING
  26. 17/314,349: TECHNOLOGY TO CONTROL SYSTEM CALL INVOCATIONS WITHIN A SINGLE ADDRESS SPACE
  27. 16/862,022: MEMORY WRITE FOR OWNERSHIP ACCESS IN A CORE
  28. 15/721,553: Installing and manipulating a secure virtual machine image through an untrusted hypervisor
  29. 15/713,573: Methods and arrangements to determine physical resource assignments
  30. 16/040,193: System, method and apparatus for automatic program compartmentalization
  31. 15/273,286: Access control
  32. 15/201,018: Regulating control transfers for execute-only code execution

Skills

C/C++

App, kernel, and hypervisor development for Linux, Windows, and embedded systems with Boost and generics experience

Makefiles

Including CMake

Linux shell scripting

(e.g., Bash)

Git
Rust

Including for WebAssembly

Asciidoc, Markdown, LaTeX
Go
SMT-LIB/Z3

SAT/SMT solver (completed Coursera course)

X86 Assembly

Somewhat familiar with assembly language for other architectures as well

LLVM/Clang

Compiler framework

Bluespec SystemVerilog

High-Level Synthesis (HLS) language based on Term-Rewriting Systems

Maude

Model checker based on Term-Rewriting Systems and Linear-Temporal Logic

Isabelle/HOL

Interactive theorem prover

Python
JavaScript
Java
Verilog/VHDL

Experience using Intel Quartus and Xilinx Vivado FPGA toolchains. Experience using Synopsys VCS and Mentor Graphics Modelsim simulators. Experience extending and maintaining an in-house Verilog simulator during an internship with Cray, Inc.

Prolog

Logic programming language

Professional Service and Volunteering

Professional society memberships:

  • Senior Member of the Association for Computing Machinery (ACM)
  • Senior Member of IEEE

Program Committee (PC) member:

Journal reviews:

  • 2019 IEEE Transactions on Networking
  • 2013 IEEE Transactions on Information Forensics & Security (TIFS)
  • 2009 Journal of Computer Security (JCS)
  • 2009 IEEE Transactions on Industrial Electronics (TIE)
  • 2007 ACM Transactions on the Web (TWEB)
  • 2005 ACM Transactions on Information and System Security (TISSEC)

Conference and workshop reviews:

  • 2021 Design Automation Conference (DAC)
  • 2013 IEEE PowerTech
  • 2009 International Conference on Distributed Computing Systems (ICDCS)
  • 2009 IEEE Symposium on Security and Privacy (Oakland)
  • 2008 IEEE Workshop on Policies for Distributed Systems and Networks (POLICY)
  • 2008 Hawaiian International Conference on System Sciences (HICSS)
  • 2007 IEEE Computer Security Foundations Symposium (CSF)
  • 2007 ACM Workshop on Privacy in the Electronic Society (WPES)
  • 2006 IEEE International Conference on Network Protocols (ICNP)
  • 2006 IFIP International Conference on Critical Infrastructure Protection (ICCIP)
  • 2006 ACM Workshop on Privacy in the Electronic Society (WPES)

Selected Mentoring Experiences:

Volunteering:

Awards and Accomplish­ments

IHSAA Honorable Mention
Intel Aug 2024
Intel Hardware Security Academic Award Honorable Mention for a paper on Hardware-assisted Fault Isolation (HFI).
See certificate
Coursera
Automated Reasoning: satisfiability
Coursera Jan 2021
See certificate

Hobbies

Contact

For messages related to my work at Intel, please contact me at michael dot lemay at intel dot com.

For other messages, please contact me at m at lemays dot org.

    Recent Posts

    I post a mix of professional content and personal content on my website, and I categorize my posts accordingly. Separate RSS/Atom feeds are generated for each of those categories, and there is also a combined feed:

    Combining tools to detach Delta single-hole kitchen faucets
    Some Delta single-hole faucets use a large nut that screws onto a long stem to tighten a clamp that grips the countertop. It can be a challenge both to firmly tighten that nut as well as to loosen it, since the fins are small on the wrench that Delta includes with those faucets.
    Last updated on Dec 28, 2022 1 min read personal
    Organizing a project knowledge base
    I have found myself running up against the practical limits of individual notebooks and email archives full of meeting minutes and scattered notes about papers and other materials that I’ve read, despite those notebooks at least being searchable.
    Last updated on Apr 29, 2022 6 min read professional
    Adding a heat pump alongside a natural gas furnace with tight duct turns
    Introduction We recently replaced our 30-year old air conditioner with an air-source heat pump. It ended up requiring several visits to ultimately get it working properly. I describe our experiences here in case others encounter similar difficulties.
    Last updated on Jul 31, 2022 5 min read personal
    Gardening in a suburb of Portland, Oregon
    My family and I have been cultivating our backyard (and front yard) garden in a suburb of Portland, Oregon, for eight years. I grew up in central Wisconsin pulling weeds from rows of beans and strawberries, and my wife was a patio gardener during her childhood and in grad school.
    Last updated on Apr 29, 2022 6 min read personal
    Gardening in a suburb of Portland, Oregon