SaTC: CORE: Small: A Secure Processor that Exploits Multicore Parallelism while Protecting Against Microarchitecture State Attacks

SaTC：CORE：小型：利用多核并行性同时防止微架构状态攻击的安全处理器

• 批准号: 1929261
• 负责人: Omer Khan
• 金额: $ 50万
• 依托单位: University of Connecticut
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2019
• 资助国家: 美国
• 起止时间: 2019-10-01 至 2024-09-30
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1929261&HistoricalAwards=false
• 关键词: SaTC; CORE; Small; Secure; Processor

Microprocessors are widely deployed in cloud, fog, edge, and mobile computing platforms. In all cases, the economies of scale stem from our ability (through the use of mature virtualization technologies) to host large sets of applications from diverse domains. These applications increasingly operate on private or confidential user data. A major hurdle for exposing and exploiting virtualization capabilities in next generation processors is the lack of a clear vision for how to address the security challenges associated with co-locating applications that share hardware. This project singles out the challenge of controlling leakage of speculative and non-speculative microarchitecture state information: the ability of an adversary to glean sensitive information about a co-located workload by observing patterns of communication or resource utilization at various layers of the processor hardware stack. The importance of this problem is exacerbated by recent attacks on commercial microprocessors, where hardware resource sharing is exploited to expose microarchitecture state information to an adversary that is otherwise inaccessible or not directly visible in the system state.The project develops a new abstraction for securing the microarchitecture state vulnerabilities in multicore processors. Today's processors assume temporal execution of secure (victim) and insecure (potentially malicious) applications under the purview of virtualization. For strong isolation, at each context switch, a secure processor must clean the microarchitecture state from all shared hardware resources. This project re-thinks secure processor designs, and challenges these assumptions in the context of multicore processors. A spatio-temporal execution model is envisioned, where the cores are spatially partitioned into secure and insecure clusters (or domains). The secure cluster and its accompanying software and hardware is envisioned to become the only trusted component in the multicore processor trusted computing base (TCB). This allows the concurrently executing domains to fully exploit their allocated hardware resources for performance, while guaranteeing bounded information leakage through the hardware sharing of microarchitecture state. The incorporation of security to tackle microarchitecture state vulnerabilities at various levels of the processor hardware is timely, as it ensures that the consideration of security concerns in the still-evolving hardware stack is not an afterthought. Doing so will speed up the adoption of emerging safety-critical secure applications, thus improving the hardness and certification of the US cyber infrastructure, with significant benefits to our economy and society.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

微处理器广泛应用于云计算、雾计算、边缘计算和移动计算平台。在所有情况下，规模经济源于我们（通过使用成熟的虚拟化技术）托管来自不同领域的大型应用程序集的能力。这些应用程序越来越多地对私人或机密用户数据进行操作。在下一代处理器中公开和利用虚拟化功能的一个主要障碍是，对于如何解决与共享硬件的共存应用程序相关的安全挑战缺乏清晰的愿景。该项目突出了控制推测性和非推测性微体系结构状态信息泄漏的挑战：攻击者通过观察处理器硬件堆栈各层的通信模式或资源利用来收集有关同址工作负载的敏感信息的能力。最近针对商业微处理器的攻击加剧了这个问题的重要性，攻击者利用硬件资源共享将微体系结构状态信息暴露给攻击者，否则这些信息在系统状态中是无法访问或无法直接看到的。该项目开发了一种新的抽象，用于保护多核处理器中的微架构状态漏洞。今天的处理器在虚拟化的范围内承担安全（受害者）和不安全（潜在恶意）应用程序的临时执行。为了实现强隔离，在每次上下文切换时，安全处理器必须从所有共享硬件资源中清除微体系结构状态。本项目重新考虑了安全处理器的设计，并在多核处理器的环境中挑战了这些假设。设想了一个时空执行模型，其中核心在空间上划分为安全和不安全的集群（或域）。安全集群及其配套的软件和硬件被设想成为多核处理器可信计算基础（TCB）中唯一的可信组件。这允许并发执行域充分利用其分配的硬件资源以提高性能，同时通过微体系结构状态的硬件共享保证有界信息泄漏。将安全性整合到处理器硬件的各个级别来解决微体系结构状态漏洞是及时的，因为它确保了在仍在发展的硬件堆栈中考虑安全问题不是事后才想到的。这样做将加快新兴安全关键型安全应用的采用，从而提高美国网络基础设施的硬度和认证，对我们的经济和社会有重大好处。该奖项反映了美国国家科学基金会的法定使命，并通过使用基金会的知识价值和更广泛的影响审查标准进行评估，被认为值得支持。

项目成果

ASM: An Adaptive Secure Multicore for Co-located Mutually Distrusting Processes

ASM：用于共置互不信任进程的自适应安全多核

• DOI: 10.1145/3587480
• 发表时间: 2023
• 期刊: ACM Transactions on Architecture and Code Optimization
• 影响因子: 1.6
• 作者: Sahni, Abdul Rasheed;Omar, Hamza;Ali, Usman;Khan, Omer
• 通讯作者: Khan, Omer

MultiCon: An Efficient Timing-based Side Channel Attack on Shared Memory Multicores

MultiCon：对共享内存多核的有效的基于定时的侧通道攻击

• DOI: 10.1109/iccd56317.2022.00024
• 发表时间: 2022
• 期刊: 2022 IEEE 40th International Conference on Computer Design (ICCD
• 作者: Ali, Usman;Khan, Omer
• 通讯作者: Khan, Omer

IRONHIDE: A Secure Multicore that Efficiently Mitigates Microarchitecture State Attacks for Interactive Applications

IRONHIDE：一种安全多核，可有效缓解交互式应用程序的微架构状态攻击

• DOI: 10.1109/hpca47549.2020.00019
• 发表时间: 2020
• 期刊: 2020 IEEE International Symposium on High Performance Computer Architecture (HPCA
• 作者: Omar, Hamza;Khan, Omer
• 通讯作者: Khan, Omer

OPTIMUS: A Security-Centric Dynamic Hardware Partitioning Scheme for Processors that Prevent Microarchitecture State Attacks

OPTIMUS：一种以安全为中心的动态硬件分区方案，用于防止微架构状态攻击的处理器

• DOI: 10.1109/tc.2020.2996021
• 发表时间: 2020
• 期刊: IEEE Transactions on Computers
• 影响因子: 3.7
• 作者: Omar, Hamza;Dagostino, Brandon;Khan, Omer
• 通讯作者: Khan, Omer

SSE: Security Service Engines to Accelerate Enclave Performance in Secure Multicore Processors

SSE：安全服务引擎可提高安全多核处理器中的 Enclave 性能

• DOI: 10.1109/lca.2022.3210149
• 发表时间: 2022
• 期刊: IEEE Computer Architecture Letters
• 影响因子: 2.3
• 作者: Nye, Jared;Khan, Omer
• 通讯作者: Khan, Omer