CAREER: Weird Machines: a New Foundation for Advancing Microarchitectural Security

职业：奇怪的机器：推进微架构安全的新基础

• 批准号: 2145635
• 负责人: Dmitry Evtyushkin
• 金额: $ 55.44万
• 依托单位: College of William and Mary
• 依托单位国家: 美国
• 项目类别: Continuing Grant
• 财政年份: 2022
• 资助国家: 美国
• 起止时间: 2022-07-01 至 2027-06-30
• 项目状态: 未结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2145635&HistoricalAwards=false
• 关键词: CAREER; Weird; Machines; New; Foundation

The Central Processing Unit (CPU) is a key element of a typical computing system. To improve performance, microarchitecture (MA) of modern CPUs include multiple sub-systems with complex internal state and functionality. While improving performance, these sub-systems often trigger unexpected observable side-effects which are known to enable attacks resulting in sensitive data leakage. The ever-growing complexity of CPU components and the complex nature of the cross-component interaction make it challenging to detect such effects. This CAREER project utilizes the concept of weird machines, a theoretical framework that enables analyzing security vulnerabilities via the theory of computation. According to this concept, vulnerabilities create a new computational model within the original computational entity with properties not intended by its design. Previously, weird machines were mostly used to study software systems. This CAREER project utilizes the concept of weird machines to systematically identify MA side effects and explore how they can be used by a potential attacker. The investigator has discovered that the interaction of MA components creates a new programmable computational model within the CPU microarchitecture that is invisible to existing methods of analysis. At the same time, it can be used to hide malicious activities or to trigger unexpected systems behaviors. The project’s novelties are 1) using the concept of weird machines to study MA security, 2) exploring computational capabilities of MA side effects, 3) investigating use cases for the new model of computation. The project's broader significance and importance are 1) improving the understanding of the attack surface in modern computer systems, 2) establishing a new approach for identifying and documenting MA side effects to be used for research and education.This CAREER project is centered on three main objectives. First, known MA side-effects are documented as weird machine primitives, followed by an automated search for new side-effects. Second, the computational capabilities and practicality of MA weird machines are investigated including programmability of such machines and methods to improve their reliability. In addition, the project explores the feasibility of constructing a universal MA weird machine capable of performing arbitrary computations. Third, the established MA weird machines framework is applied to study known types of MA attacks, such as side channels, enabling discovery of new attack variants.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

中央处理单元（CPU）是典型计算系统的关键元件。为了提高性能，现代CPU的微体系结构（MA）包括具有复杂内部状态和功能的多个子系统。在提高性能的同时，这些子系统通常会触发意想不到的可观察到的副作用，已知这些副作用会导致敏感数据泄漏的攻击。CPU组件的复杂性不断增加，跨组件交互的复杂性使得检测此类影响具有挑战性。这个CAREER项目利用了怪异机器的概念，这是一个理论框架，可以通过计算理论分析安全漏洞。根据这一概念，漏洞在原始计算实体中创建了一个新的计算模型，其属性不是其设计的目的。以前，奇怪的机器大多用于研究软件系统。这个CAREER项目利用怪异机器的概念来系统地识别MA的副作用，并探索它们如何被潜在的攻击者使用。研究人员发现，MA组件的相互作用在CPU微架构中创建了一个新的可编程计算模型，这是现有分析方法所不可见的。与此同时，它可以用来隐藏恶意活动或触发意外的系统行为。该项目的新颖之处在于：1）使用怪异机器的概念来研究MA安全性，2）探索MA副作用的计算能力，3）调查新计算模型的用例。该项目的更广泛的意义和重要性是1）提高对现代计算机系统中攻击面的理解，2）建立一种新的方法来识别和记录MA副作用，用于研究和教育。这个CAREER项目围绕三个主要目标。首先，已知的MA副作用被记录为奇怪的机器原语，然后自动搜索新的副作用。其次，研究了MA怪机器的计算能力和实用性，包括这类机器的可编程性和提高其可靠性的方法。此外，该项目还探索了构建能够执行任意计算的通用MA怪异机器的可行性。第三，已建立的MA怪异机器框架被应用于研究已知类型的MA攻击，如侧通道，从而能够发现新的攻击变种。该奖项反映了NSF的法定使命，并通过使用基金会的知识价值和更广泛的影响审查标准进行评估，被认为值得支持。