SaTC: CORE: Small: A Secure Processor that Exploits Multicore Parallelism while Protecting Against Microarchitecture State Attacks

SaTC：CORE：小型：利用多核并行性同时防止微架构状态攻击的安全处理器

• 批准号: 1929261
• 负责人: Omer Khan
• 金额: $ 50万
• 依托单位: University of Connecticut
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2019
• 资助国家: 美国
• 起止时间: 2019-10-01 至 2024-09-30
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1929261&HistoricalAwards=false
• 关键词: SaTC; CORE; Small; Secure; Processor

Microprocessors are widely deployed in cloud, fog, edge, and mobile computing platforms. In all cases, the economies of scale stem from our ability (through the use of mature virtualization technologies) to host large sets of applications from diverse domains. These applications increasingly operate on private or confidential user data. A major hurdle for exposing and exploiting virtualization capabilities in next generation processors is the lack of a clear vision for how to address the security challenges associated with co-locating applications that share hardware. This project singles out the challenge of controlling leakage of speculative and non-speculative microarchitecture state information: the ability of an adversary to glean sensitive information about a co-located workload by observing patterns of communication or resource utilization at various layers of the processor hardware stack. The importance of this problem is exacerbated by recent attacks on commercial microprocessors, where hardware resource sharing is exploited to expose microarchitecture state information to an adversary that is otherwise inaccessible or not directly visible in the system state.The project develops a new abstraction for securing the microarchitecture state vulnerabilities in multicore processors. Today's processors assume temporal execution of secure (victim) and insecure (potentially malicious) applications under the purview of virtualization. For strong isolation, at each context switch, a secure processor must clean the microarchitecture state from all shared hardware resources. This project re-thinks secure processor designs, and challenges these assumptions in the context of multicore processors. A spatio-temporal execution model is envisioned, where the cores are spatially partitioned into secure and insecure clusters (or domains). The secure cluster and its accompanying software and hardware is envisioned to become the only trusted component in the multicore processor trusted computing base (TCB). This allows the concurrently executing domains to fully exploit their allocated hardware resources for performance, while guaranteeing bounded information leakage through the hardware sharing of microarchitecture state. The incorporation of security to tackle microarchitecture state vulnerabilities at various levels of the processor hardware is timely, as it ensures that the consideration of security concerns in the still-evolving hardware stack is not an afterthought. Doing so will speed up the adoption of emerging safety-critical secure applications, thus improving the hardness and certification of the US cyber infrastructure, with significant benefits to our economy and society.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

微处理器广泛部署在云、雾、边缘和移动计算平台中。在所有情况下，规模经济都源于我们托管来自不同领域的大型应用程序集的能力(通过使用成熟的虚拟化技术)。这些应用程序越来越多地对私有或机密用户数据进行操作。暴露和利用下一代处理器中的虚拟化功能的一个主要障碍是，对于如何解决与共享硬件的应用程序托管相关的安全挑战缺乏清晰的愿景。该项目特别指出了控制推测性和非推测性微体系结构状态信息泄漏的挑战：对手通过观察处理器硬件堆栈不同层的通信或资源利用模式来收集有关托管工作负载的敏感信息的能力。最近针对商业微处理器的攻击加剧了这个问题的重要性，利用硬件资源共享将微体系结构状态信息暴露给对手，否则这些信息在系统状态中是不可访问的或不可直接看到的。该项目开发了一种新的抽象来保护多核处理器中的微体系结构状态漏洞。今天的处理器假定在虚拟化的权限下临时执行安全(受害者)和不安全(潜在恶意)的应用程序。为了实现强隔离，在每次上下文切换时，安全处理器必须清除所有共享硬件资源的微体系结构状态。该项目重新思考安全处理器的设计，并在多核处理器的环境中挑战这些假设。设想了一种时空执行模型，其中核在空间上被划分为安全和不安全的集群(或域)。安全集群及其附带的软件和硬件预计将成为多核处理器可信计算基础(TCB)中的唯一可信组件。这允许并发执行域充分利用其分配的硬件资源来提高性能，同时通过硬件共享微体系结构状态来保证有限的信息泄漏。将安全纳入处理器硬件的不同级别以解决微体系结构状态漏洞是及时的，因为它确保了在仍在发展的硬件堆栈中考虑安全问题不会是事后的想法。这样做将加快采用新兴的安全关键安全应用程序，从而改善美国网络基础设施的硬度和认证，为我们的经济和社会带来显著好处。这一奖项反映了NSF的法定使命，并通过使用基金会的智力优势和更广泛的影响审查标准进行评估，被认为值得支持。

项目成果

ASM: An Adaptive Secure Multicore for Co-located Mutually Distrusting Processes

ASM：用于共置互不信任进程的自适应安全多核

• DOI: 10.1145/3587480
• 发表时间: 2023
• 期刊: ACM Transactions on Architecture and Code Optimization
• 影响因子: 1.6
• 作者: Sahni, Abdul Rasheed;Omar, Hamza;Ali, Usman;Khan, Omer
• 通讯作者: Khan, Omer

MultiCon: An Efficient Timing-based Side Channel Attack on Shared Memory Multicores

MultiCon：对共享内存多核的有效的基于定时的侧通道攻击

• DOI: 10.1109/iccd56317.2022.00024
• 发表时间: 2022
• 期刊: 2022 IEEE 40th International Conference on Computer Design (ICCD
• 作者: Ali, Usman;Khan, Omer
• 通讯作者: Khan, Omer

IRONHIDE: A Secure Multicore that Efficiently Mitigates Microarchitecture State Attacks for Interactive Applications

IRONHIDE：一种安全多核，可有效缓解交互式应用程序的微架构状态攻击

• DOI: 10.1109/hpca47549.2020.00019
• 发表时间: 2020
• 期刊: 2020 IEEE International Symposium on High Performance Computer Architecture (HPCA
• 作者: Omar, Hamza;Khan, Omer
• 通讯作者: Khan, Omer

OPTIMUS: A Security-Centric Dynamic Hardware Partitioning Scheme for Processors that Prevent Microarchitecture State Attacks

OPTIMUS：一种以安全为中心的动态硬件分区方案，用于防止微架构状态攻击的处理器

• DOI: 10.1109/tc.2020.2996021
• 发表时间: 2020
• 期刊: IEEE Transactions on Computers
• 影响因子: 3.7
• 作者: Omar, Hamza;Dagostino, Brandon;Khan, Omer
• 通讯作者: Khan, Omer

SSE: Security Service Engines to Accelerate Enclave Performance in Secure Multicore Processors

SSE：安全服务引擎可提高安全多核处理器中的 Enclave 性能

• DOI: 10.1109/lca.2022.3210149
• 发表时间: 2022
• 期刊: IEEE Computer Architecture Letters
• 影响因子: 2.3
• 作者: Nye, Jared;Khan, Omer
• 通讯作者: Khan, Omer