Hardware/software co-design for secure speculation

Dec 12, 2020

Speculative execution attacks, such as the recent Spectre attacks, are a recent class of security threats that affect almost all modern processors (that is, millions of IT systems). These attacks exploit the hardware side-effects of a CPU optimization called speculative execution to break fundamental security assumptions on how programs are executed and to leak sensitive information.

Hardware/software co-design is an essential principle for building practical systems that are secure against these attacks. Following this principle, hardware and software should collaborate to thwart speculative execution attacks. Hardware platforms should provide precise security guarantees and expose control on the internal microarchitectural state. Software, instead, should leverage these guarantees to achieve end-to-end security. Unfortunately, we currently lack foundations, guiding principles, and tools for co-design for security.

Goals

This project will develop foundations, models, and tools for enabling co-design for secure speculation. The project will revolve around the notion of hardware/software security contract, an abstraction enabling the distribution of security obligations between hardware and software. The project will provide developers with languages for specifying security contracts as well as techniques for automatically determining whether proposals for secure speculation effectively prevent speculative execution attacks.

Security Micro-architectural attacks
Marco Guarnieri
Marco Guarnieri
Assistant professor

My research focuses on the design, analysis, and implementation of secure systems.

Publications

Testing side-channel security of cryptographic implementations against future microarchitectures
How will future microarchitectures impact the security of existing cryptographic implementations? As we cannot keep reducing the size …
Gilles Barthe, Marcel Böhme, Sunjay Cauligi, Chitchanok Chuengsatiansup, Daniel Genkin, Marco Guarnieri, David Mateos Romero, Peter Schwabe, David Wu, Yuval Yarom
PDF Cite Code Project arXiv version
Synthesizing Hardware-Software Leakage Contracts for RISC-V Open-Source Processors
Microarchitectural attacks compromise security by exploiting software-visible artifacts of microarchitectural optimizations such as …
Gideon Mohr, Marco Guarnieri, Jan Reineke
PDF Cite Code Project Project arXiv version
Specification and Verification of Side-channel Security for Open-source Processors via Leakage Contracts
Leakage contracts have recently been proposed as a new security abstraction at the Instruction Set Architecture (ISA) level. Such …
Zilong Wang, Gideon Mohr, Klaus von Gleissenthall, Jan Reineke, Marco Guarnieri
PDF Cite Code Project Extended version (arXiv) Distinguished paper award
Hide and Seek with Spectres: Efficient discovery of speculative information leaks with random testing
Attacks like Spectre abuse speculative execution, one of the key performance optimizations of modern CPUs. Recently, several testing …
Oleksii Oleksenko, Marco Guarnieri, Boris Köpf, Mark Silberstein
PDF Cite Code Project Extended version (arXiv)
Hardware-Software Contracts for Secure Speculation
Since the discovery of Spectre, a large number of hardware mechanisms for secure speculation have been proposed. Intuitively, more …
Marco Guarnieri, Boris Köpf, Jan Reineke, Pepe Vila
PDF Cite Code Project Project Poster Slides Video Extended version (arXiv) Preview video Best paper award