Cats vs. Spectre: An Axiomatic Approach to Modeling Speculative Execution Attacks
arXiv - CS - Programming Languages. Pub Date: 2021-08-31, DOI: arxiv-2108.13818. Hernán Ponce-de-León, Johannes Kinder
The Spectre family of speculative execution attacks has required a
rethinking of formal methods for security. Approaches based on operational
speculative semantics have made initial inroads towards finding vulnerable code
and validating defenses. However, with each new attack grows the amount of
microarchitectural detail that has to be integrated into the underlying
semantics. We propose an alternative, light-weight and axiomatic approach to
specifying speculative semantics that relies on insights from memory models for
concurrency. We use the CAT modeling language for memory consistency to specify
execution models that capture speculative control flow, store-to-load
forwarding, predictive store forwarding, and memory ordering machine clears. We
present a bounded model checking framework parametrized by our speculative CAT
models and evaluate its implementation against the state of the art. Due to the
axiomatic approach, our models can be rapidly extended to allow our framework
to detect new types of attacks and validate defenses against them.
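The abstract describes the shape of the approach: enumerate candidate executions of a program, constrain them with axioms that encode the microarchitecture (how far a mispredicted branch may run transiently, what a fence forbids), and flag the executions that violate a security property. The toy checker below is an added illustration of that shape and is not the paper's CAT models or its model-checking tool; it models only speculative control flow with a bounded window and a fence axiom, not store-to-load forwarding or machine clears. The gadget, the `ATTACKER` pseudo-source for an attacker-chosen index, and the leak property (a transient access whose address depends on a transient load at an attacker-controlled address) are all constructed here for illustration.

```python
"""Toy axiomatic-style speculation checker (illustrative example, not the
paper's CAT models). Candidate executions are all assignments of branch
outcomes; axioms prune them (a fence ends transient execution, the window
bounds it); the remaining executions are checked for a Spectre-v1-style leak."""
from dataclasses import dataclass
from itertools import product
from typing import Dict, List, Set, Tuple, Union

# Hypothetical pseudo-source: an input the attacker chooses, e.g. the index x.
ATTACKER = "attacker"
Dep = Union[int, str]


@dataclass(frozen=True)
class Event:
    eid: int                     # position in program order (list index)
    kind: str                    # "load", "store", "branch" or "fence"
    addr_deps: Tuple[Dep, ...] = ()  # results feeding this event's address
    label: str = ""


def transient_events(prog: List[Event], outcomes: Dict[int, str], window: int) -> Set[int]:
    """Speculative control-flow model: a mispredicted branch lets up to
    `window` later events execute transiently; a fence ends the window."""
    transient: Set[int] = set()
    for b in prog:
        if b.kind != "branch" or outcomes[b.eid] != "mispredicted":
            continue
        for e in prog[b.eid + 1 : b.eid + 1 + window]:
            if e.kind == "fence":   # fence axiom: nothing past it runs transiently
                break
            transient.add(e.eid)
    return transient


def addr_sources(prog: List[Event], eid: int) -> Set[Dep]:
    """Transitive closure of address dependencies (addr/data chains)."""
    by_id = {e.eid: e for e in prog}
    out: Set[Dep] = set()
    work: List[Dep] = list(by_id[eid].addr_deps)
    while work:
        d = work.pop()
        if d in out:
            continue
        out.add(d)
        if d != ATTACKER:
            work.extend(by_id[d].addr_deps)
    return out


def leaking_accesses(prog: List[Event], transient: Set[int]) -> List[int]:
    """Leak-freedom property: no transient access may have an address that
    depends on a transient load whose own address the attacker controls (the
    first load bypasses the bounds check, the second encodes the value into
    a cache-observable address)."""
    by_id = {e.eid: e for e in prog}
    bad: List[int] = []
    for e in prog:
        if e.eid not in transient or e.kind not in ("load", "store"):
            continue
        for d in addr_sources(prog, e.eid):
            if d == ATTACKER:
                continue
            src = by_id[d]
            if src.kind == "load" and src.eid in transient \
                    and ATTACKER in addr_sources(prog, src.eid):
                bad.append(e.eid)
                break
    return bad


def check(prog: List[Event], window: int = 8):
    """Bounded enumeration of candidate executions; returns the violating
    ones as (branch outcomes, leaking event ids)."""
    branches = [e.eid for e in prog if e.kind == "branch"]
    violations = []
    for outs in product(("correct", "mispredicted"), repeat=len(branches)):
        outcomes = dict(zip(branches, outs))
        bad = leaking_accesses(prog, transient_events(prog, outcomes, window))
        if bad:
            violations.append((outcomes, sorted(bad)))
    return violations


# Constructed Spectre-v1 gadget: if (x < size) { y = A[x]; z = B[y * 512]; }
V1 = [
    Event(0, "load", (), "size = *size_ptr"),
    Event(1, "branch", (), "x < size"),
    Event(2, "load", (ATTACKER,), "y = A[x]"),
    Event(3, "load", (2,), "z = B[y * 512]"),
]

# Same gadget with the usual mitigation: a fence right after the check.
V1_FENCED = [
    Event(0, "load", (), "size = *size_ptr"),
    Event(1, "branch", (), "x < size"),
    Event(2, "fence", (), "lfence"),
    Event(3, "load", (ATTACKER,), "y = A[x]"),
    Event(4, "load", (3,), "z = B[y * 512]"),
]

if __name__ == "__main__":
    print("unfenced :", check(V1))          # one violating execution
    print("fenced   :", check(V1_FENCED))   # none
    print("window=1 :", check(V1, window=1))  # bound too small to reach the leak
```

The third call shows why the bound matters: with a speculation window of one event only `A[x]` runs transiently and the encoding load never executes, so the checker reports nothing. A real model has to pick the window (and the set of modeled mechanisms) to match the hardware being analyzed, which is exactly the extensibility the abstract argues for.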
Updated: 2021-09-01