CRII: SaTC: Detecting Security Vulnerabilities in Instruction Set Architectures

CRII：SaTC：检测指令集架构中的安全漏洞

• 批准号: 1464209
• 负责人: Cynthia Sturton
• 金额: $ 17.5万
• 依托单位: University of North Carolina at Chapel Hill
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2015
• 资助国家: 美国
• 起止时间: 2015-05-15 至 2017-12-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1464209&HistoricalAwards=false
• 关键词: CRII; SaTC; Detecting; Security; Vulnerabilities

The interaction between computer processors -- the hardware at the heart of our computers, tablets, and phones -- and software -- apps, web browsers, and other applications -- is governed by an Instruction Set Architecture (ISA). The ISA is the specification that defines how the processor will respond to commands from the software. It is large and complex, too large for a person to understand and reason about all the interactions between different parts completely. As a result, security vulnerabilities exist in the ISA. These vulnerabilities can sometimes be exploited by attackers to steal data or take control of the machine. This research is about detecting security vulnerabilities that exist in the ISA. Finding and removing these vulnerabilities will create a more secure foundation for all our computing activities. This will benefit government agencies that require high assurance environments, cloud providers that rely on hardware features for the security for their service, and users who, more and more, are relying on diverse hardware components from a variety of hardware design companies to handle their private and sensitive data.The researchers posit that vulnerabilities in the ISA happen in one of two ways: 1) Erroneous specification: the ISA prescribes behavior that is dangerous; or 2) Nondeterminism in the specification: the ISA is incomplete and one of the possible behaviors allowed by the specification is dangerous. The hypothesis of this research is that it is possible to focus on a relatively small subset of the ISA for which these types of errors are likely to occur. The researchers are developing a practical methodology for discovering for which instructions vulnerabilities are most likely to occur. With that information, they are developing tools to detect and correct security-critical errors in the ISA. In addition to making a practical contribution, the research activities are improving understanding in the computer science community of what a vulnerability in an ISA looks like and where and under what conditions it is likely to occur. This will enable future verification efforts to concentrate on the most security-critical aspects of the ISA.

计算机处理器（我们的计算机，平板电脑和手机的核心硬件）与软件（应用程序，Web浏览器和其他应用程序）之间的交互由指令集架构（伊萨）管理。伊萨是定义处理器如何响应软件命令的规范。它庞大而复杂，对于一个人来说太大了，无法完全理解和推理不同部分之间的所有互动。因此，伊萨中存在安全漏洞。这些漏洞有时会被攻击者利用来窃取数据或控制机器。本研究是关于检测伊萨中存在的安全漏洞。找到并消除这些漏洞将为我们所有的计算活动创造一个更安全的基础。这将有利于需要高保证环境的政府机构，依赖硬件功能来确保其服务安全的云提供商，以及越来越多地依赖各种硬件设计公司的各种硬件组件来处理其私人和敏感数据的用户。研究人员认为伊萨中的漏洞以两种方式之一发生：1）错误的规范：伊萨规定了危险的行为; 2）规范中的不确定性：伊萨是不完整的，规范允许的可能行为之一是危险的。 本研究的假设是，有可能集中在伊萨的一个相对较小的子集，这些类型的错误可能会发生。 研究人员正在开发一种实用的方法来发现哪些指令漏洞最有可能发生。有了这些信息，他们正在开发工具来检测和纠正伊萨中的安全关键错误。 除了作出实际贡献外，研究活动还使计算机科学界更好地了解伊萨中的漏洞是什么样的，以及它可能在哪里和在什么条件下发生。这将使今后的核查工作能够集中于《伊萨》最关键的安全方面。