SpecVerilog: Adapting Information Flow Control for Secure Speculation
Pages 2068 - 2082
Abstract
To address transient execution vulnerabilities, processor architects have proposed both defensive designs and formal descriptions of the security they provide. However, these designs are not typically formally proven to enforce the claimed guarantees; more importantly, there are few tools to automatically ensure that Register Transfer Level (RTL) descriptions are faithful to high-level designs.
In this paper, we demonstrate how to extend an existing security-typed hardware description language to express speculative security conditions and to verify the security of synthesizable implementations. Our tool can statically verify that an RTL hardware design is free of transient execution vulnerabilities without manual proof effort. Our key insight is that erasure labelsi> can be adapted both to be statically checkable and to represent transiently accessed or modified data and its mandatory erasure under misspeculation. Further, we show how to use erasure labels to defend a strong formal definition of speculative security. To validate our approach, we implement several components that are critical to speculative, out-of-order processors and are also common vectors for transient execution vulnerabilities. We show that the security of existing defenses can be correctly validated and that the absence of necessary defenses is detected as a potential vulnerability.
References
[1]
Sam Ainsworth. 2021. GhostMinion: A Strictness-Ordered Cache System for Spectre Mitigation. In MICRO-54: 54th Annual IEEE/ACM International Symposium on Microarchitecture (MICRO '21). Association for Computing Machinery. https://doi.org/10.1145/3466752.3480074
[2]
Sam Ainsworth and Timothy M Jones. 2020. Muontrap: Preventing cross-domain Spectre-like attacks by capturing speculative state. In ACM/IEEE 47th Annual International Symposium on Computer Architecture (ISCA).
[3]
Armaiti Ardeshiricham, Wei Hu, and Ryan Kastner. 2017a. Clepsydra: Modeling timing flows in hardware designs. In 2017 IEEE/ACM International Conference on Computer-Aided Design (ICCAD). IEEE. https://doi.org/10.1109/ICCAD.2017.8203772
[4]
Armaiti Ardeshiricham, Wei Hu, Joshua Marxen, and Ryan Kastner. 2017b. Register transfer level information flow tracking for provably secure hardware design. In Design, Automation & Test in Europe Conference & Exhibition (DATE), 2017. IEEE.
[5]
Mohammad Behnia, Prateek Sahu, Riccardo Paccagnella, Jiyong Yu, Zirui Neil Zhao, Xiang Zou, Thomas Unterluggauer, Josep Torrellas, Carlos Rozas, Adam Morrison, et al. 2021. Speculative interference attacks: Breaking invisible speculation schemes. In Proceedings of the 26th ACM International Conference on Architectural Support for Programming Languages and Operating Systems.
[6]
Nathan Binkert, Bradford Beckmann, Gabriel Black, Steven K Reinhardt, Ali Saidi, Arkaprava Basu, Joel Hestness, Derek R Hower, Tushar Krishna, Somayeh Sardashti, et al. 2011. The gem5 simulator. ACM SIGARCH computer architecture news (2011).
[7]
Chandler Carruth. 2018. RFC: Speculative load hardening (a Spectre variant 1 mitigation). https://lists.llvm.org/pipermail/llvm-dev/2018-March/122085.html. (2018).
[8]
Sunjay Cauligi, Craig Disselkoen, Klaus v Gleissenthall, Dean Tullsen, Deian Stefan, Tamara Rezk, and Gilles Barthe. 2020. Constant-time foundations for the new Spectre era. In Proceedings of the 41st ACM SIGPLAN Conference on Programming Language Design and Implementation.
[9]
Kevin Cheang, Cameron Rasmussen, Sanjit Seshia, and Pramod Subramanyan. 2019. A Formal Approach to Secure Speculation. In 2019 IEEE 32nd Computer Security Foundations Symposium (CSF). https://doi.org/10.1109/CSF.2019.00027
[10]
S. Chong and A.C. Myers. 2005 a. Language-based information erasure. In 18th IEEE Computer Security Foundations Workshop (CSFW'05). https://doi.org/10.1109/CSFW.2005.19
[11]
Stephen Chong and Andrew C. Myers. 2005 b. Language-Based Information Erasure. In 18textsuperscriptth IEEE Computer Security Foundations Workshop (CSFW). 241--254. http://www.cs.cornell.edu/andru/papers/erasure.pdf
[12]
Stephen Chong and Andrew C. Myers. 2008. End-to-End Enforcement of Erasure and Declassification. In IEEE Computer Security Foundations Symp. (CSF). 98--111. http://www.cs.cornell.edu/andru/papers/enferasure-csf08.pdf
[13]
Leonardo de Moura and Nikolaj Bjørner. 2008. Z3: an efficient SMT solver. In Proceedings of the Theory and Practice of Software, 14th Int'l Conf. on Tools and Algorithms for the Construction and Analysis of Systems. Springer-Verlag, Berlin, Heidelberg, 337--340. https://doi.org/10.1007/978-3-540-78800-3_24
[14]
Shuwen Deng, Doğuhan Gümüşoğlu, Wenjie Xiong, Sercan Sari, Y Serhan Gener, Corine Lu, Onur Demir, and Jakub Szefer. 2019. SecChisel framework for security verification of secure processor architectures. In Proceedings of the 8th International Workshop on Hardware and Architectural Support for Security and Privacy.
[15]
Dorothy E. Denning. 1976. A Lattice Model of Secure Information Flow. Comm. of the ACM, Vol. 19, 5 (1976), 236--243. https://dl.acm.org/citation.cfm?id=360056
[16]
Mohammad Rahmani Fadiheh, Alex Wezel, Johannes Müller, Jörg Bormann, Sayak Ray, Jason M. Fung, Subhasish Mitra, Dominik Stoffel, and Wolfgang Kunz. 2023. An Exhaustive Approach to Detecting Transient Execution Side Channels in RTL Designs of Processors. IEEE Trans. Comput. (2023). https://doi.org/10.1109/TC.2022.3152666
[17]
Andrew Ferraiuolo, Weizhe Hua, Andrew C. Myers, and G. Edward Suh. 2017a. Secure Information Flow Verification with Mutable Dependent Types. In Design Automation Conference (DAC).
[18]
Andrew Ferraiuolo, Rui Xu, Danfeng Zhang, Andrew C. Myers, and G. Edward Suh. 2017b. Verification of a Practical Hardware Security Architecture Through Static Information Flow Analysis. In Int'l Conf. on Architectural Support for Programming Languages and Operating Systems (ASPLOS).
[19]
Andrew Ferraiuolo, Mark Zhao, Andrew C Myers, and G Edward Suh. 2018. HyperFlow: A processor architecture for nonmalleable, timing-safe information flow security. In Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security.
[20]
Jacob Fustos, Michael Bechtel, and Heechul Yun. 2020. SpectreRewind: Leaking secrets to past instructions. In Proceedings of the 4th ACM Workshop on Attacks and Solutions in Hardware Security.
[21]
Marco Guarnieri, Boris Köpf, José F Morales, Jan Reineke, and Andrés Sánchez. 2020. Spectector: Principled detection of speculative information flows. In 2020 IEEE Symposium on Security and Privacy (SP). IEEE.
[22]
Marco Guarnieri, Boris Köpf, Jan Reineke, and Pepe Vila. 2021. Hardware-Software Contracts for Secure Speculation. In 2021 IEEE Symposium on Security and Privacy (SP). 1868--1883. https://doi.org/10.1109/SP40001.2021.00036
[23]
Wei Hu, Jason Oberg, Ali Irturk, Mohit Tiwari, Timothy Sherwood, Dejun Mu, and Ryan Kastner. 2012. On the complexity of generating gate level information flow tracking logic. Transactions on Information Forensics and Security (2012).
[24]
Sebastian Hunt and David Sands. 2008. Just forget it--the semantics and enforcement of information erasure. In European Symposium on Programming.
[25]
Zhenghong Jiang, Hanchen Jin, G Edward Suh, and Zhiru Zhang. 2019. Designing secure cryptographic accelerators with information flow enforcement: A case study on AES. In Proceedings of the 56th Annual Design Automation Conference.
[26]
Georgios Keramidas, Alexandros Antonopoulos, Dimitrios N Serpanos, and Stefanos Kaxiras. 2008. Non deterministic caches: A simple and effective defense against side channel attacks. Design Automation for Embedded Systems, Vol. 12 (2008).
[27]
Elisavet Kozyri, Fred B Schneider, Andrew Bedford, Josée Desharnais, and Nadia Tawbi. 2019. Beyond labels: Permissiveness for dynamic information flow enforcement. In 32nd Computer Security Foundations Symposium (CSF). IEEE.
[28]
Peng Li, Yun Mao, and Steve Zdancewic. 2003. Information Integrity Policies. In Workshop on Formal Aspects in Security and Trust (FAST).
[29]
Xun Li, Vineeth Kashyap, Jason K. Oberg, Mohit Tiwari, Vasanth Ram Rajarathinam, Ryan Kastner, Timothy Sherwood, Ben Hardekopf, and Frederic T. Chong. 2014. Sapper: A Language for Hardware-level Security Policy Enforcement. In International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS).
[30]
Xun Li, Mohit Tiwari, Jason K. Oberg, Vineeth Kashyap, Frederic T. Chong, Timothy Sherwood, and Ben Hardekopf. 2011. Caisson: A Hardware Description Language for Secure Information Flowx. In Conference on Programming Language Design and Implementation (PLDI).
[31]
Moritz Lipp, Michael Schwarz, Daniel Gruss, Thomas Prescher, Werner Haas, Stefan Mangard, Paul Kocher, Daniel Genkin, Yuval Yarom, and Mike Hamburg. 2018. Meltdown. arXiv preprint arXiv:1801.01207 (2018).
[32]
Kevin Loughlin, Ian Neal, Jiacheng Ma, Elisa Tsai, Ofir Weisse, Satish Narayanasamy, and Baris Kasikci. 2021. DOLMA: Securing Speculation with the Principle of Transient Non-Observability. In 30th USENIX Security Symposium (USENIX Security 21).
[33]
ARM Ltd. 2009. ARM Security Technology: Building a Secure System using TrustZone Technology. (2009).
[34]
Nicholas Mosier, Hanna Lachnitt, Hamed Nemati, and Caroline Trippel. 2022. Axiomatic hardware-software contracts for security. In Proceedings of the 49th Annual International Symposium on Computer Architecture.
[35]
Lars Müller. 2018. KPTI a Mitigation Method Against Meltdown. Advanced Microkernel Operating Systems (2018).
[36]
Andrew C. Myers. 1999. JFlow: Practical Mostly-Static Information Flow Control. In 26textsuperscriptth ACM Symp. on Principles of Programming Languages (POPL). 228--241. https://doi.org/10.1145/292540.292561
[37]
Gururaj Saileshwar and Moinuddin K Qureshi. 2019. Cleanupspec: An "undo" approach to safe speculation. In Proceedings of the 52nd Annual IEEE/ACM International Symposium on Microarchitecture.
[38]
Christos Sakalis, Stefanos Kaxiras, Alberto Ros, Alexandra Jimborean, and Magnus Själander. 2019. Efficient Invisible Speculative Execution Through Selective Delay and Value Prediction. In Proceedings of the 46th International Symposium on Computer Architecture.
[39]
Michael Schwarz, Moritz Lipp, Claudio Canella, Robert Schilling, Florian Kargl, and Daniel Gruss. 2020. ConTExT: A Generic Approach for Mitigating Spectre. In NDSS.
[40]
Yonatan Sompolinsky, Yoad Lewenberg, and Aviv Zohar. 2016. SPECTRE: A Fast and Scalable Cryptocurrency Protocol. Cryptology ePrint Archive, Report 2016/1159. (2016). https://eprint.iacr.org/2016/1159
[41]
Gordon Stewart, Anindya Banerjee, and Aleksandar Nanevski. 2013. Dependent Types for Enforcement of Information Flow and Erasure Policies in Heterogeneous Data Structures. In Proceedings of the 15th Symposium on Principles and Practice of Declarative Programming. https://doi.org/10.1145/2505879.2505895
[42]
Mohit Tiwari, Jason K Oberg, Xun Li, Jonathan Valamehr, Timothy Levin, Ben Hardekopf, Ryan Kastner, Frederic T Chong, and Timothy Sherwood. 2011. Crafting a usable microkernel, processor, and I/O system with strict and provable information flow security. ACM SIGARCH Computer Architecture News (2011).
[43]
Mohit Tiwari, Hassan MG Wassel, Bita Mazloom, Shashidhar Mysore, Frederic T Chong, and Timothy Sherwood. 2009. Complete information flow tracking from the gates up. In Proceedings of the 14th international conference on Architectural support for programming languages and operating systems.
[44]
Klaus v. Gleissenthall, Rami Gökhan Kici, Deian Stefan, and Ranjit Jhala. 2021. Solver-Aided Constant-Time Hardware Verification. In Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security.
[45]
Jo Van Bulck, Marina Minkin, Ofir Weisse, Daniel Genkin, Baris Kasikci, Frank Piessens, Mark Silberstein, Thomas F Wenisch, Yuval Yarom, and Raoul Strackx. 2018a. Foreshadow: Extracting the keys to the Intel SGX kingdom with transient out-of-order execution. In Proceedings for the 27th USENIX Security Symposium.
[46]
Jo Van Bulck, Frank Piessens, and Raoul Strackx. 2018b. Nemesis: Studying microarchitectural timing leaks in rudimentary CPU interrupt logic. In Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security.
[47]
Marco Vassena, Craig Disselkoen, Klaus V Gleissenthall, Sunjay Cauligi, Rami Gökhan Kici, Ranjit Jhala, Dean Tullsen, and Deian Stefan. 2020. Automatically eliminating speculative leaks from cryptographic code with Blade. arXiv preprint arXiv:2005.00294 (2020).
[48]
Zhenghong Wang and Ruby B Lee. 2007. New cache designs for thwarting software cache-based side channel attacks. In Proceedings of the 34th annual international symposium on Computer architecture.
[49]
Mario Werner, Thomas Unterluggauer, Lukas Giner, Michael Schwarz, Daniel Gruss, and Stefan Mangard. 2019. ScatterCache: Thwarting Cache Attacks via Cache Set Randomization. In USENIX Security Symposium.
[50]
Wenjie Xiong and Jakub Szefer. 2021. Survey of Transient Execution Attacks and Their Mitigations. ACM Comput. Surv. (2021). https://doi.org/10.1145/3442479
[51]
Mengjia Yan, Jiho Choi, Dimitrios Skarlatos, Adam Morrison, Christopher Fletcher, and Josep Torrellas. 2018. Invisispec: Making speculative execution invisible in the cache hierarchy. In 2018 51st Annual IEEE/ACM International Symposium on Microarchitecture (MICRO).
[52]
Jiyong Yu, Lucas Hsiung, Mohamad El Hajj, and Christopher W Fletcher. 2018. Data oblivious ISA extensions for side channel-resistant and high performance computing. Cryptology ePrint Archive (2018).
[53]
Jiyong Yu, Mengjia Yan, Artem Khyzha, Adam Morrison, Josep Torrellas, and Christopher W Fletcher. 2019a. Speculative taint tracking (STT): a comprehensive protection for speculatively accessed data. In Proceedings of the 52nd Annual IEEE/ACM International Symposium on Microarchitecture.
[54]
Jiyong Yu, Mengjia Yan, Artem Khyzha, Adam Morrison, Josep Torrellas, and Christopher W Fletcher. 2019b. Speculative taint tracking (STT): A formal analysis. Univ. of Illinois at Urbana-Champaign and Tel Aviv Univ., Tech. Rep (2019).
[55]
Drew Zagieboylo. 2023. https://github.com/dz333/secverilog. (2023).
[56]
Drew Zagieboylo, Charles Sherk, G. Edward Suh, and Andrew C. Myers. 2022. PDL: A High-level Hardware Design Language for Pipelined Processors. In 43textsuperscriptrd ACM SIGPLAN Conf. on Programming Language Design and Implementation (PLDI).
[57]
Drew Zagieboylo, G Edward Suh, and Andrew C Myers. 2019. Using information flow to design an ISA that controls timing channels. In IEEE 32nd Computer Security Foundations Symposium (CSF).
[58]
Steve Zdancewic and Andrew C. Myers. 2001. Robust Declassification. In 14textsuperscriptth IEEE Computer Security Foundations Workshop (CSFW). 15--23. https://doi.org/10.1109/CSFW.2001.930133
[59]
Danfeng Zhang, Yao Wang, G. Edward Suh, and Andrew C. Myers. 2015. A Hardware Design Language for Timing-Sensitive Information-Flow Security. In Int'l Conf. on Architectural Support for Programming Languages and Operating Systems (ASPLOS). 503--516. http://www.cs.cornell.edu/andru/papers/asplos15
[60]
Lantian Zheng and Andrew C. Myers. 2007. Dynamic Security Labels and Static Information Flow Control. International Journal of Information Security, Vol. 6, 2-3 (March 2007). http://www.cs.cornell.edu/andru/papers/dynlabel-ijis.pdf
Index Terms
- SpecVerilog: Adapting Information Flow Control for Secure Speculation
Recommendations
Mitigating Control Flow Attacks in Embedded Systems with Novel Built-in Secure Register Bank
GLSVLSI '17: Proceedings of the Great Lakes Symposium on VLSI 2017Embedded systems are prone to security attacks from their limited resources available for self-protection and unsafe language typically used for application programming. Attacks targeting control flow is one of the most common exploitations for embedded ...
CacheRewinder: revoking speculative cache updates exploiting write-back buffer
DATE '22: Proceedings of the 2022 Conference & Exhibition on Design, Automation & Test in EuropeTransient execution attacks are critical security threats since those attacks exploit speculative execution which is an essential architectural solution that can improve the performance of out-of-order processors significantly. Such attacks change cache ...
Secure Speculation via Speculative Secret Flow Tracking
AbstractSpeculative execution attacks can leak arbitrary program data under malicious speculation, presenting a severe security threat. Based on two key observations, this paper presents a software-transparent defense mechanism called speculative secret ...
Comments
Information & Contributors
Information
Published In
November 2023
3722 pages
ISBN:9798400700507
DOI:10.1145/3576915
- General Chairs:
- Weizhi Meng,
- Christian D. Jensen,
- Program Chairs:
- Cas Cremers,
- Engin Kirda
Copyright © 2023 ACM.
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].
Sponsors
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 21 November 2023
Check for updates
Author Tags
Qualifiers
- Research-article
Funding Sources
- DARPA
Conference
CCS '23
Sponsor:
CCS '23: ACM SIGSAC Conference on Computer and Communications Security
November 26 - 30, 2023
Copenhagen, Denmark
Acceptance Rates
Overall Acceptance Rate 1,261 of 6,999 submissions, 18%
Upcoming Conference
CCS '24
- Sponsor:
- sigsac
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 176Total Downloads
- Downloads (Last 12 months)176
- Downloads (Last 6 weeks)14
Reflects downloads up to 27 Jul 2024
Other Metrics
Citations
View Options
Get Access
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in