Microarchitectural Security via Hardware-Software Contracts
Spectre, Meltdown, and other microarchitectural attacks have been in the limelight in recent years. These attacks exploit subtle timing and behavioral differences of processors that are caused by microarchitectural optimizations such as caches and speculative execution to gain access to secret information.
The vulnerabilities exploited by microarchitectural attacks are not captured by today's hardware-software contracts, i.e. instruction-set architectures (ISAs). Traditionally, ISAs only capture the "functional" behavior of a system and thus have a blind spot when it comes to side channels. Recently, there has been a push to augment conventional ISAs with a formal specification of information leakage, resulting in more general hardware-software contracts. Such contracts enable writing secure code, e.g. implementing cryptographic algorithms, in a rigorous manner.
In this seminar, we are going to study
- novel hardware-software contracts that capture microarchitectural vulnerabilities,
- verification of hardware-software contracts,
- fuzz testing of hardware-software contracts,
- techniques to automatically synthesize hardware-software contracts from hardware models, and
- techniques to analyze security properties of software on top of contracts.
Each participant will give a presentation of an assigned paper, followed by a group discussion. All students are expected to read each paper carefully and to actively participate in the discussions. Each student will write a summary of the paper they have presented, including a general overview of the topic and reflecting the group discussion.
This is a combined proseminar and seminar with a total of 12 seats.
Basic knowledge of computer architecture (e.g. due to Systemarchitektur) is required.
Knowledge of security and formal methods is a plus.
- Each student is assigned one of the three groups of papers:
- each student is designated as the presenter of one of the papers from his/her group (the presentation should be about 25 minutes long)
- each student needs to read all papers from his/her group and submit a one-page summary + 3 questions about each paper (excluding the paper he/she is presenting)
- The presenter of paper needs to deliver a talk draft to his/her advisor at least 24 days (hard deadline) prior to his/her scheduled talk. In the week before the talk, the presenter should also deliver a practice talk to his/her advisor.
- Summaries+questions have to be delivered 24 hours prior to the respective session.
- For the seminar students (and thus not the proseminar students), a seminar report (should summarize the paper and discuss it in the context of the other work studied in the seminar) is required in addition, to be delivered at the end of the term, 24.3.2023).
|Presentation||Rough presentation draft||35%||7%||50%||10%|
|Full set of slides||7%||10%|
|Actual presentation of paper||21%||30%|
|Summaries of other papers + questions||20%||30%|
|Participation during sessions||15%||20%|
|Seminar Report (Seminar students only)||30%|
Four sessions of 2h30 each are planned:
- 1st session: Thursday, 12.01.2023, 16:00-18:30
- 2nd session: Thursday, 19.01.2023, 16:00-18:30
- 3rd session: Thursday, 26.01.2023, 16:00-18:30
- 4th session: Thursday, 02.02.2023, 16:00-18:30
- Seminar report delivery (only for Seminar students): 24.03.2023