Research article, open access. DOI: 10.1145/2611765.2611773

PUMP: a programmable unit for metadata processing

Published: 15 June 2014

Abstract

We introduce the Programmable Unit for Metadata Processing (PUMP), a novel software-hardware element that allows flexible computation with uninterpreted metadata alongside the main computation with modest impact on runtime performance (typically 10–40% for single policies, compared to metadata-free computation on 28 SPEC CPU2006 C, C++, and Fortran programs). While a host of prior work has illustrated the value of ad hoc metadata processing for specific policies, we introduce an architectural model for extensible, programmable metadata processing that can handle arbitrary metadata and arbitrary sets of software-defined rules in the spirit of the time-honored 0-1-∞ rule. Our results show that we can match or exceed the performance of dedicated hardware solutions that use metadata to enforce a single policy, while adding the ability to enforce multiple policies simultaneously and achieving flexibility comparable to software solutions for metadata processing. We demonstrate the PUMP by using it to support four diverse safety and security policies (spatial and temporal memory safety, code and data taint tracking, control-flow integrity including return-oriented-programming protection, and instruction/data separation) and quantify the performance they achieve, both singly and in combination.


Published In

HASP '14: Proceedings of the Third Workshop on Hardware and Architectural Support for Security and Privacy
June 2014
89 pages
ISBN: 9781450327770
DOI: 10.1145/2611765
Publisher

Association for Computing Machinery, New York, NY, United States

Author Tags

1. control-flow integrity
2. memory safety
3. metadata
4. security
5. tagged architecture
6. taint tracking

Conference

HASP '14

Acceptance Rates

Overall Acceptance Rate: 9 of 13 submissions, 69%
