Showing 1–3 of 3 results for author: Diavastos, A

Mitigating Speculation-based Attacks through Configurable Hardware/Software Co-design

Authors: Ali Hajiabadi, Archit Agarwal, Andreas Diavastos, Trevor E. Carlson

Abstract: New speculation-based attacks that affect large numbers of modern systems are disclosed regularly. Currently, CPU vendors regularly fall back to heavy-handed mitigations like using barriers or enforcing strict programming guidelines resulting in significant performance overhead. What is missing is a solution that allows for efficient mitigation and is flexible enough to address both current and fu… ▽ More New speculation-based attacks that affect large numbers of modern systems are disclosed regularly. Currently, CPU vendors regularly fall back to heavy-handed mitigations like using barriers or enforcing strict programming guidelines resulting in significant performance overhead. What is missing is a solution that allows for efficient mitigation and is flexible enough to address both current and future speculation vulnerabilities, without additional hardware changes. In this work, we present SpecControl, a novel hardware/software co-design, that enables new levels of security while reducing the performance overhead that has been demonstrated by state-of-the-art methodologies. SpecControl introduces a communication interface that allows compilers and application developers to inform the hardware about true branch dependencies, confidential control-flow instructions, and fine-grained instruction constraints in order to apply restrictions only when necessary. We evaluate SpecControl against known speculative execution attacks and in addition, present a new speculative fetch attack variant on the Pattern History Table (PHT) in branch predictors that shows how similar previously reported vulnerabilities are more dangerous by enabling unprivileged attacks, especially with the state-of-the-art branch predictors. SpecControl provides stronger security guarantees compared to the existing defenses while reducing the performance overhead of two state-of-the-art defenses from 51% and 43% to just 23%. △ Less

Submitted 20 June, 2023; originally announced June 2023.

Comments: 13 pages, 15 figures

Efficient Instruction Scheduling using Real-time Load Delay Tracking

Authors: Andreas Diavastos, Trevor E. Carlson

Abstract: Many hardware structures in today's high-performance out-of-order processors do not scale in an efficient way. To address this, different solutions have been proposed that build execution schedules in an energy-efficient manner. Issue time prediction processors are one such solution that use data-flow dependencies and predefined instruction latencies to predict issue times of repeated instructions… ▽ More Many hardware structures in today's high-performance out-of-order processors do not scale in an efficient way. To address this, different solutions have been proposed that build execution schedules in an energy-efficient manner. Issue time prediction processors are one such solution that use data-flow dependencies and predefined instruction latencies to predict issue times of repeated instructions. In this work, we aim to improve their accuracy, and consequently their performance, in an energy efficient way. We accomplish this by taking advantage of two key observations. First, memory accesses often take additional time to arrive than the static, predefined access latency that is used to describe these systems. Second, we find that these memory access delays often repeat across iterations of the same code. This, in turn, allows us to predict the arrival time of these accesses. In this work, we introduce a new processor microarchitecture, that replaces a complex reservation-station-based scheduler with an efficient, scalable alternative. Our proposed scheduling technique tracks real-time delays of loads to accurately predict instruction issue times, and uses a reordering mechanism to prioritize instructions based on that prediction, achieving close-to-out-of-order processor performance. To accomplish this in an energy-efficient manner we introduce: (1) an instruction delay learning mechanism that monitors repeated load instructions and learns their latest delay, (2) an issue time predictor that uses learned delays and data-flow dependencies to predict instruction issue times and (3) priority queues that reorder instructions based on their issue time prediction. Together, our processor achieves 86.2% of the performance of a traditional out-of-order processor, higher than previous efficient scheduler proposals, while still consuming 30% less power. △ Less

Submitted 7 September, 2021; originally announced September 2021.

Comments: 13 pages, 11 figures, 4 tables

Mitigating Power Attacks through Fine-Grained Instruction Reordering

Authors: Yun Chen, Ali Hajiabadi, Romain Poussier, Andreas Diavastos, Shivam Bhasin, Trevor E. Carlson

Abstract: Side-channel attacks are a security exploit that take advantage of information leakage. They use measurement and analysis of physical parameters to reverse engineer and extract secrets from a system. Power analysis attacks in particular, collect a set of power traces from a computing device and use statistical techniques to correlate this information with the attacked application data and source c… ▽ More Side-channel attacks are a security exploit that take advantage of information leakage. They use measurement and analysis of physical parameters to reverse engineer and extract secrets from a system. Power analysis attacks in particular, collect a set of power traces from a computing device and use statistical techniques to correlate this information with the attacked application data and source code. Counter measures like just-in-time compilation, random code injection and instruction descheduling obfuscate the execution of instructions to reduce the security risk. Unfortunately, due to the randomness and excess instructions executed by these solutions, they introduce large overheads in performance, power and area. In this work we propose a scheduling algorithm that dynamically reorders instructions in an out-of-order processor to provide obfuscated execution and mitigate power analysis attacks with little-to-no effect on the performance, power or area of the processor. We exploit the time between operand availability of critical instructions (slack) to create high-performance random schedules without requiring additional instructions or static prescheduling. Further, we perform an extended security analysis using different attacks. We highlight the dangers of using incorrect adversarial assumptions, which can often lead to a false sense of security. In that regard, our advanced security metric demonstrates improvements of 34$\times$, while our basic security evaluation shows results up to 261$\times$. Moreover, our system achieves performance within 96% on average, of the baseline unprotected processor. △ Less

Submitted 23 July, 2021; originally announced July 2021.

Comments: 13 pages, 12 figures