Sciweavers

ASPLOS
2015
ACM

SPECS: A Lightweight Runtime Mechanism for Protecting Software from Security-Critical Processor Bugs

8 years 6 months ago
SPECS: A Lightweight Runtime Mechanism for Protecting Software from Security-Critical Processor Bugs
Processor implementation errata remain a problem, and worse, a subset of these bugs are security-critical. We classified 7 years of errata from recent commercial processors to understand the magnitude and severity of this problem, and found that of 301 errata analyzed, 28 are security-critical. We propose the SECURITY-CRITICAL PROCESSOR ERRATA CATCHING SYSTEM (SPECS) as a low-overhead solution to this problem. SPECS employs a dynamic verification strategy that is made lightweight by limiting protection to only security-critical processor state. As a proof-ofconcept, we implement a hardware prototype of SPECS in an open source processor. Using this prototype, we evaluate SPECS against a set of 14 bugs inspired by the types of security-critical errata we discovered in the classification phase. The evaluation shows that SPECS is 86% effective as a defense when deployed using only ISA-level state; incurs less than 5% area and power overhead; and has no software run-time overhead. Categ...
Matthew Hicks, Cynthia Sturton, Samuel T. King, Jo
Added 16 Apr 2016
Updated 16 Apr 2016
Type Journal
Year 2015
Where ASPLOS
Authors Matthew Hicks, Cynthia Sturton, Samuel T. King, Jonathan M. Smith
Comments (0)