Abstract. Much of the extraordinary success of the computer industry over the last half-century is because the vast majority of computing machines we’ve built are *general purpose computers*. Subject to the limitations of finite memory, time, and processor speed, general-purpose computers are (near) Turing complete; that is, capable of computing anything that is computable. But it’s exactly that same strategy that makes our computer and network systems so vulnerable to attack: If an outsider can gain control of your general-purpose system, then s/he can in principle use it for whatever purposes s/he is clever enough to trick your system into executing, precisely because the system is (near) Turing complete.
This Working Group will explore strategies for retaining the hardware and software advantages of general purpose computers, while denying those same general purpose capabilities to outside attackers. The focus will be on systems and applications that, by definition, require routine access from the open internet (e.g., webservers, online banking and other financial systems, etc.).