Hybrid Event

Ferdous, N. (CSE) – SPECSIM : A Simulation Infrastructure Mitigating Transient Timing Attacks

December 8 @ 1:00 pm

Transient execution attacks are serious security threats in modern processors. Out-of-order execution leads the processor to access data that should not otherwise be observable. Leakage of that secret information creates a covert channel that an attacker can use for various types of transient and speculative attacks. Transient execution attacks arise when secret information is leaked by transient instructions, which are executed by the processor but never committed from the processor pipeline. At the microarchitectural level, however, the effect of these transient instructions is noticeable. Generally, microarchitectural state is the state that a processor maintains to improve performance and that is transparent to software. Secret data retained in the microarchitectural state can create a covert channel and is therefore at higher risk of being observed by an attacker in transient attacks.
This research work presents a robust and secure simulation infrastructure that implements multiple strategies to mitigate transient attacks in the timing domain. It proposes several strategies for mitigating timing attacks, e.g., the Reorder Buffer Transient Flushing Technique in the Randomized Transient Pipeline, and SpecSCB for making speculative instructions invisible to the architectural state. In this work, transient instructions are added to the proposed Randomized Transient Pipeline and are flushed effectively using Transient Flushing Techniques, squashing all transient instruction residues that could remain in the Randomized Transient Pipeline. This flushing strategy also ensures that there is no difference in execution time between the base simulation and the proposed Randomized Transient Simulation, leaving no leakage for transient-based timing attacks. In addition to the simulation platform, a novel Transient Verification Framework is proposed, consisting of a Global Time Signature Verification Model and a Retirement Time Signature Verification Model. The transient verification framework identifies any anomaly in the timing domain, across all existing instructions, that could leave room for a covert channel for timing attacks. Overall, this work provides an extensive and robust simulation platform infrastructure for researchers to explore various types of attacks with their respective mitigating solutions.

Host: Nilufar Ferdous, Ph.D. Student, Computer Science and Engineering 

Advisor: Jose Renau 

Zoom: https://us06web.zoom.us/j/84111701472?pwd=l3s5sQszKt35paVOWNxxLaE8jphG80.1

Passcode: Qi1pAk

Details

Date: December 8
Time: 1:00 pm – 2:00 pm
Event Category: Other
Room Number: E2-399

Venue

Engineering 2
1156 High Street
Santa Cruz, CA 95064
Last modified: Dec 03, 2025