opinion

Free access

Through computer architecture, darkly

Authors:

P. G. NeumannAuthors Info & Claims

Communications of the ACM, Volume 62, Issue 6

Pages 25 - 27

https://doi.org/10.1145/3325284

Published: 21 May 2019 Publication History

All formats PDF

Abstract

Total-system hardware and microarchitectural issues are becoming increasingly critical.

References

[1]

Armstrong, A. et al. ISA Semantics for ARMv8-A, RISC-V, and CHERI-MIPS. In Proceedings of the Principles of Programming Languages Conference (POPL) 2019.

Digital Library

Google Scholar

[2]

Bangert, J. et al. The page-fault weird machine: Lessons in instruction-less computation. In Proceedings of the USENIX Workshop on Offensive Technologies (WOOT), 2013.

Digital Library

Google Scholar

[3]

Bellovin, S.M. and Neumann, P.G. The big picture: A systems-oriented view of trustworthiness. Commun. ACM 61, 11 (Nov. 2018), 24--26.

Digital Library

Google Scholar

[4]

Beniamini, G. Over The Air: Exploiting Broadcom's Wi-Fi Stack; https://bit.ly/2oA6GJL

Google Scholar

[5]

Gerber, S. et al. Not your parents' physical address space. In Proceedings of the Hot Topics in Operating Systems Conference (HotOS-XV) 2015.

Digital Library

Google Scholar

[6]

Goel, S., Hunt, W.A. Jr., and Kaufmann, M. Engineering a formal, executable x86 ISA simulator for software verification. Provably Correct Systems (ProCoS), 2017.

Crossref

Google Scholar

[7]

Google Project Zero, 2018; https://bit.ly/2CAQzTMGu, R. et al. CertiKOS: An Extensible Architecture for Building Certified Concurrent OS Kernels. OSDI 2016, 653--669; See also https://bit.ly/2Uzj9sI for ongoing work.

Digital Library

Google Scholar

[8]

Islam, S. et al. SPOILER: Speculative Load Hazards Boost Rowhammer and Cache Attacks, arXiv e-prints (Mar. 1, 2019); https://bit.ly/2TxWdhk

Google Scholar

[9]

Klein, G. et al. Comprehensive formal verification of an OS microkernel. ACM Trans. Computer Systems 2014; See also https://bit.ly/2UPKgEY for ongoing work.

Digital Library

Google Scholar

[10]

Kocher, P. et al. Spectre attacks: Exploiting speculative execution. ArXiv e-prints (Jan. 2018); https://bit.ly/2lUpJLk

Google Scholar

[11]

Leroy, X. A formally verified compiler back-end. Journal of Automated Reasoning 43, 4 (2009), 363--446.

Digital Library

Google Scholar

[12]

Lipp, M. et al. Meltdown, 2018; https://bit.ly/2E6myYl

Google Scholar

[13]

Markettos, A.T. Making sense of the Supermicro motherboard attack; https://bit.ly/2PqOnld

Google Scholar

[14]

Markettos, A.T. et al. Thunderclap: Exploring vulnerabilities in operating system IOMMU protection via DMA from untrustworthy peripherals. In Proceedings of the Network and Distributed Systems Security Symposium (NDSS), (Feb. 2019).

Google Scholar

[15]

Rushanan, M. and Checkoway, S. Run-DMA. In Proceedings of the WOOT 2015 Conference. (2015).

Digital Library

Google Scholar

[16]

Sutherland, G. Secrets of the motherboard ({sh<sup>*</sup>t} my chipset says). In Proceedings of the 44CON 2017, (Sept. 2017).

Google Scholar

[17]

Van Bulck, J. et al. Foreshadow: Extracting the keys to the Intel SGX kingdom with transient out-of-order execution. USENIX Security (Aug. 15-17, 2018); https://bit.ly/2DusEDT

Digital Library

Google Scholar

[18]

Watson, R.N.M. et al. Capability Hardware Enhanced RISC Instructions (CHERI): Notes on the Meltdown and Spectre Attacks. Technical Report UCAM-CL-TR-916, University of Cambridge, Computer Laboratory (Feb. 2018); https://bit.ly/2DuVDrr

Google Scholar

[19]

Watson, R.N.M. et al. Capability Hardware Enhanced RISC Instructions (CHERI): CHERI Instruction-set Architecture, Version 7, Technical Report UCAM-CL-TR-927, University of Cambridge, Computer Laboratory (Apr. 2019); https://bit.ly/2XzPgKU

Google Scholar

[20]

Weisse, O. et al. Foreshadow-NG: Breaking the virtual memory abstraction with transient out-of-order execution (Aug. 2018); https://bit.ly/2VZLD0h

Google Scholar

Cited By

View all

Kim YYang JLee YEarwood B(2024)Assessing Cybersecurity Problem-Solving Skills and Creativity of Engineering Students Through Model-Eliciting Activities Using an Analytic RubricIEEE Access10.1109/ACCESS.2023.334855412(5743-5759)Online publication date: 2024
https://doi.org/10.1109/ACCESS.2023.3348554
Wang YLiu PWang WWang XJiang Y(2022)On a Consistency Testing Model and Strategy for Revealing RISC Processor’s Dark Instructions and VulnerabilitiesIEEE Transactions on Computers10.1109/TC.2021.309717471:7(1586-1597)Online publication date: 1-Jul-2022
https://doi.org/10.1109/TC.2021.3097174
Yang JRae Kim YEarwood B(2022)A Study of Effectiveness and Problem Solving on Security Concepts with Model-Eliciting Activities2022 IEEE Frontiers in Education Conference (FIE)10.1109/FIE56618.2022.9962412(1-9)Online publication date: 8-Oct-2022
https://doi.org/10.1109/FIE56618.2022.9962412
Show More Cited By

Index Terms

Through computer architecture, darkly
1. Security and privacy
  1. Systems security

Recommendations

Comments

Information & Contributors

Information

Published In

Communications of the ACM Volume 62, Issue 6

June 2019

85 pages

ISSN:0001-0782

EISSN:1557-7317

DOI:10.1145/3336127

Editor:
Andrew A. Chien
Association for Computing Machinery, New York, NY

Issue’s Table of Contents

Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for third-party components of this work must be honored. For all other uses, contact the Owner/Author.

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 21 May 2019

Published in CACM Volume 62, Issue 6

Check for updates

Qualifiers

Opinion
Popular
Un-reviewed

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

6
Total Citations
View Citations
1,367
Total Downloads

Downloads (Last 12 months)371
Downloads (Last 6 weeks)169

Reflects downloads up to 25 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Kim YYang JLee YEarwood B(2024)Assessing Cybersecurity Problem-Solving Skills and Creativity of Engineering Students Through Model-Eliciting Activities Using an Analytic RubricIEEE Access10.1109/ACCESS.2023.334855412(5743-5759)Online publication date: 2024
https://doi.org/10.1109/ACCESS.2023.3348554
Wang YLiu PWang WWang XJiang Y(2022)On a Consistency Testing Model and Strategy for Revealing RISC Processor’s Dark Instructions and VulnerabilitiesIEEE Transactions on Computers10.1109/TC.2021.309717471:7(1586-1597)Online publication date: 1-Jul-2022
https://doi.org/10.1109/TC.2021.3097174
Yang JRae Kim YEarwood B(2022)A Study of Effectiveness and Problem Solving on Security Concepts with Model-Eliciting Activities2022 IEEE Frontiers in Education Conference (FIE)10.1109/FIE56618.2022.9962412(1-9)Online publication date: 8-Oct-2022
https://doi.org/10.1109/FIE56618.2022.9962412
Tomlinson AParkin SShaikh S(2022)Drivers and barriers for secure hardware adoption across ecosystem stakeholdersJournal of Cybersecurity10.1093/cybsec/tyac0098:1Online publication date: 5-Aug-2022
https://doi.org/10.1093/cybsec/tyac009
Earwood BYang JKim Y(2021)Effective Learning of Cybersecurity Concepts with Model-Eliciting Activities2021 IEEE International Conference on Engineering, Technology & Education (TALE)10.1109/TALE52509.2021.9678713(01-07)Online publication date: 5-Dec-2021
https://doi.org/10.1109/TALE52509.2021.9678713
Razavi KTrivedi APhanishayee AStutsman R(2020)StratusProceedings of the 12th USENIX Conference on Hot Topics in Cloud Computing10.5555/3485849.3485861(12-12)Online publication date: 13-Jul-2020
https://dl.acm.org/doi/10.5555/3485849.3485861

View Options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Digital Edition

View this article in digital edition.

Digital Edition

Magazine Site

View this article on the magazine site (external)

Magazine Site

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Index Terms

Recommendations

Computer Architecture: A Minimalist Perspective

DART: a decoupled computer architecture

Computer Architecture