Professional Documents
Culture Documents
Article - P25-Markettos - Through Computer Architecture, Darkly
Article - P25-Markettos - Through Computer Architecture, Darkly
Article - P25-Markettos - Through Computer Architecture, Darkly
viewpoints
DOI:10.1145/3325284 A.T. Markettos, R.N.M. Watson, S.W. Moore, P. Sewell, and P.G. Neumann
Inside Risks
Through Computer
Architecture, Darkly
Total-system hardware and microarchitectural
issues are becoming increasingly critical.
S
PECTRE, 11 MELTDOWN, 13 FORE-
SHADOW, 18,20 Rowhammer,9
Spoiler, —suddenly it seems
9
JU N E 2 0 1 9 | VO L. 6 2 | N O. 6 | C OM M U N IC AT ION S OF T HE ACM 25
viewpoints
processor hardware (typically subject there by the designer but were created
to extensive verification) has long been by the physical implementation, often
assumed to provide a solid foundation Designers need unhelpfully sucking away signals or
for software, but increasingly suffers to understand more power. Today we have parasitic com-
from its own vulnerabilities. Second, puters. Many components have unin-
increasing complexity and the way sys- of what takes place tended computational power, which
tems are composed of many hardware/ in layers above can be perverted—from the x86 page-
software pieces, from many vendors, fault handler2 to DMA controllers.16
means one cannot think just in terms or below their field This presents a challenge to under-
of a single-processor architecture. We of expertise. standing where all the computation is
need to take a holistic view that ac- happening, such as what is software
knowledges the complexities of this rather than hardware.
landscape. Third, and most seriously,
these new attacks involved phenomena Toward Robustly Engineered
that cut across the traditional architec- Trustworthy Systems
tural abstractions, which have inten- exploitable malfunction. Unlike the bi- Total-system approaches to security
tionally only described the envelopes nary code of malware, there is no way to defenses are important (see, for ex-
of allowed functional behavior of hard- observe many of these physical proper- ample, Bellovin3). A further lesson
ware implementations, to allow imple- ties. As a result, systems are more vul- from physical-layer attacks is why
mentation variation in performance. nerable to both design mistakes and such attacks are not more of a threat
That flexibility has been essential to supply-chain attacks. today—due to further layers of pro-
hardware performance increases—but As the recent attacks demonstrate, tection. It is not enough to extract
the attacks involve subtle information side-channels are becoming more the cryptographic key from a banking
flows via performance properties. They powerful than expected. Traditional card using laser fault injection; the at-
expose the hidden consequences of physical-layer side-channels are a sig- tacker must also use it to steal money.
some of the microarchitectural inno- nals-from-noise problem. If you record At this point the bank’s system-level
vations that have given us ever-faster enough traces of the power usage, with defenses apply, such as transaction
sequential computation in the last de- powerful enough signal processing, limits and fraud detection. If the key
cades, as caching and prediction leads you can extract secrets. Architectural relates only to one account, the payoff
to side-channels. side-channels have more bandwidth involves only money held by that cus-
and better signal-to-noise ratios, leak- tomer, not all other customers. Ap-
Hardware Vulnerabilities ing much more data more reliably. plication-level compartmentalization
Ideally, security must be built from the If we take a systems-oriented view, limits the reward, and thus makes the
ground up. How can we solve the prob- what can we say about the problem? attack economically nonviable.
lem by building the foundations of se- First of all, the whole is often worse Another approach is to ensure that
cure hardware? than the sum of its parts. Systems are richer contextual information is avail-
For years, hardware security to many composed of disparate components, able that allows the hardware to under-
people has meant focusing on the often sourced from different vendors, stand and enforce security properties.
physical layers. Power/electromagnetic and often granting much greater access The authors are on a team designing,
side-channels and fault injection are to resources than needed to fulfill their developing, and formally analyzing
common techniques for extracting purpose; this can be a boon for attack- the CHERI hardware instruction-set
cryptographic secrets by manipulating ers. For example, in Google Project Ze- architecture,20 as well as CHERI oper-
the physical implementation of a chip. ro’s attack on the Broadcom Wi-Fi chip ating system and application security.
These are not without effectiveness, inside iPhones,4 the attackers jumped The CHERI ISA can enable hardware to
but it is notable that the new spate of from bad Wi-Fi packets to installing enforce pointer provenance, arbitrarily
attacks represents entirely different, malicious code on the Wi-Fi chip, and fine-grained access controls to virtual
and more potent, attack vectors. then to compromising iOS on the ap- memory and to abstract system ob-
One lesson from the physical-layer plication processor. Their ability to use jects, as well as both coarse- and fine-
security community is that implemen- the Wi-Fi chip as a springboard mul- grained compartmentalization. To-
tation is critical. Hardware definition tiplied their efficacy. It is surprisingly gether, these can provide enforceable
languages (HDLs) are compiled down difficult to reason about the behavior of separation and controlled sharing, al-
to connections between library logic such compositions of components.5 At- lowing trustworthy and untrustworthy
cells. The logic cells are then placed tackers may create new side-channels software (including unmodified legacy
and routed and the chip layer designs through unexpected connections—for code) to coexist securely. Since the
produced. One tiny slip—at any level example, a memory DIMM that can hardware has awareness of software
from architecture to HDL source and send network packets via a shared I2C constructs such as pointers and com-
compiler, to cell transistor definitions, bus with an Ethernet controller.17 partments, it can protect them, and we
routing, power, thermals, electromag- Hardware engineers often talk can reason about the protection guar-
netics, dopant concentrations and about ‘parasitic’ resistance or capaci- antees—for example, formally proving
crystal lattices—can cause a potentially tance—components that were not put the architectural abstraction enforces
JU N E 2 0 1 9 | VO L. 6 2 | N O. 6 | C OM M U N IC AT ION S OF T HE ACM 27