Search

EP-4736044-A1 - SYSTEMS AND METHODS UTILIZING HARDWARE MODELS TO DETECT SIDECHANNEL VULNERABILTIES IN PROCESSOR DESIGNS

EP4736044A1EP 4736044 A1EP4736044 A1EP 4736044A1EP-4736044-A1

Abstract

Embodiments of systems and methods utilizing hardware models to detect side-channel vulnerabilities in processor designs are disclosed. Programs and inputs are tested in an instruction set simulator. Implementing the processor design in the instruction set simulator generates contract traces. A hardware simulator is implemented of the processor design. Implementing the hardware simulator results in hardware traces that indicate the data and execution are observable as a result of the hardware simulation. If the data and execution indicated by any of the hardware traces is not the same as that the data and execution indicated by at least one of the contract traces, a side-channel vulnerability is detected. Since the side-channel vulnerability was detected using a hardware simulation, an actual physical processor with the hardware design does not have to be used to test the hardware for the processor design.

Inventors

  • CONTRERAS MUNOZ, Gustavo Kenneth
  • SHUGG, Connor William
  • MAYCOCK, Aidan Dexter
  • OLEKSENKO, Oleksii
  • KOEPF, Boris Alexander

Assignees

  • Microsoft Technology Licensing, LLC

Dates

Publication Date
20260506
Application Date
20240619

Claims (20)

  1. 1. A method (400) of detecting one or more side channels in a processor design, comprising: obtaining (402) a program (108) and a set of inputs (110) for the program; performing (404) the program based off the set of inputs in an instruction set simulator (130) of the processor design to obtain a plurality of contract traces (126) for the processor design; performing (406) the program based off the set of inputs in a hardware simulator (132) of the processor design to obtain a plurality of hardware traces (128) for the processor design; and comparing (408) at least one contract trace of the plurality of contract traces and at least one hardware trace of the plurality of the hardware traces to determine whether there are one or more side-channel vulnerabilities.
  2. 2. The method of claim 1, further comprising: obtaining a set of programs and sets of inputs, wherein each set of inputs of the sets of inputs corresponds to a different program of the set of programs and wherein obtaining the set of programs and the sets of inputs comprises obtaining the program and the set of inputs for the program; performing each one of the programs in the set of programs based on the corresponding set of inputs in the instruction set simulator of the processor design to obtain pluralities of contract traces for the processor design, wherein each of the pluralities of contract traces corresponds to a different one of the programs and a different set of the inputs, wherein performing each one of the programs based on the corresponding set of inputs in the instruction set simulator of the processor design comprises performing the program based of the set of inputs in the instruction set simulator of the processor design to obtain the plurality of contract traces for the processor design; performing each one of the programs in the set of programs based on the corresponding set of inputs in the hardware simulator of the processor design to obtain pluralities of hardware traces for the processor design, wherein each of the pluralities of the hardware traces corresponds to a different one of the programs and a different set of the inputs, wherein performing each one of the programs based on the corresponding set of inputs in the hardware simulator comprises performing the program based of the set of inputs in the hardware simulator of the processor design to obtain the plurality of hardware traces for the processor design; and comparing the at least one contract trace of each of the pluralities of contract traces and the at least one hardware trace of each of the pluralities of the hardware traces to determine whether there are one or more side-channel vulnerabilities, wherein comparing the at least one contract trace of each of the pluralities of contract traces and the at least one hardware trace of each of the pluralities of the hardware traces to determine whether there are one or more sidechannel vulnerabilities comprises comparing the at least one contract trace of the plurality of contract traces and the at least one hardware trace of the plurality of the hardware traces to determine whether there are one or more side-channel vulnerabilities.
  3. 3. The method of claim 1, wherein comparing the at least one contract trace of the plurality of contract traces and the at least one hardware trace of the plurality of the hardware traces to determine whether there are one or more side-channel vulnerabilities comprises: determining one or more groups of contract traces, each group of contract traces includes contract traces generated as a result of implementing the same program with different inputs; for each of the one or more groups of contract traces, comparing corresponding hardware traces to one another to determine whether there is a mismatch between any of the hardware traces; for each group of the one or more groups of contract traces, detect a side-channel vulnerability of the one or more side-channel vulnerabilities for each instance that there is mismatch between any of the hardware traces in the group.
  4. 4. The method of claim 1, wherein the program is a first program, the set of inputs is a first set of inputs, the plurality of contract traces are first contract traces, the plurality of hardware traces are first hardware traces, the one or more side-channel vulnerabilities are one or more first side-channel vulnerabilities, the method further comprising: obtaining a second program and a second set of inputs for the second program; implementing the second set of inputs and the second program in the instruction set simulator of the processor design to obtain second contract traces; implementing the second set of inputs and the second program in the hardware simulator of the processor design to obtain second hardware traces; and comparing the second contract traces and the second hardware traces to determine whether there are one or more second side-channel vulnerabilities.
  5. 5. The method of claim 1 or claim 2, wherein obtaining the program and the set of inputs for the program comprises generating the program and the set of inputs with a side-channel central processing unit (CPU) fuzzer that generates the program and the set of inputs based on a program seed and an input seed.
  6. 6. The method of claim 5, further comprising: generating a master seed; and generating the program seed and the input seed with a seed generator based on the master seed.
  7. 7. The method of claim 6, further comprising implementing a verification environmental interface to prepare the program seed and the input seed to be functional with the side-channel CPU fuzzer before the side-channel CPU fuzzer generates the program and the set of inputs based on the program seed and the input seed.
  8. 8. The method of claim 1 or claim 5, wherein comparing at least one contract trace of the plurality of contract traces and at least one hardware trace of the plurality of hardware traces to determine whether there are one or more side-channel vulnerabilities comprises: implementing an aggregator that generates database entries associating contract traces and hardware traces; storing the database entries in a database; and implementing a database analyzer that compares the contract traces and the hardware traces to determine the one or more side-channel vulnerabilities.
  9. 9. The method of claim 8, wherein obtaining the program and the set of inputs for the program comprises generating the program and the set of inputs with a side-channel central processing unit (CPU) fuzzer that generates the program and the set of inputs based on a program seed and an input seed.
  10. 10. The method of claim 9, further comprising: generating a master seed; and generating the program seed and the input seed with a seed generator based on the master seed.
  11. 11. The method of claim 10, further comprising implementing a verification environmental interface to prepare the program seed and the input seed to be functional with the side-channel CPU fuzzer before the side-channel CPU fuzzer generates the program and the set of inputs based on the program seed and the input seed.
  12. 12. The method of claim 1 or claim 2, wherein performing the program based off the set of inputs in an instruction set simulator of the processor design to obtain a plurality of contract traces for the processor design comprises implementing the instruction set simulator in accordance with a speculation contract that indicates the contract traces based on the program and the set of inputs.
  13. 13. The method of claim 1 or claim 2, wherein the hardware simulator of the processor design is a register transfer level (RTL) simulator.
  14. 14. A computational device (700), comprising: one or more processors (702); and a computer readable medium (716) that stores computer executable instructions, wherein, in response to executing the computer executable instructions, the one or more processors are configured to: obtain (402) a program (108) and a set of inputs (110) for the program; implement (404) the set of inputs and the program in an instruction set simulator (130) of a processor design to obtain contract traces; implement (406) the set of inputs and the program in a hardware simulator (132) of the processor design to obtain hardware traces (128); and compare (408) the contract traces and the hardware traces to determine whether there are one or more side-channel vulnerabilities.
  15. 15. The computational device of claim 14, wherein the program is a first program, the set of inputs is a first set of inputs, the contract traces are first contract traces, the hardware traces are first hardware traces, the one or more side-channel vulnerabilities are one or more first sidechannel vulnerabilities, wherein, in response to executing the computer executable instructions, the one or more processors are further configured to: obtain a second program and a second set of inputs for the second program; implement the second set of inputs and the second program in the instruction set simulator of the processor design to obtain second contract traces; implement the second set of inputs and the second program in the hardware simulator of the processor design to obtain second hardware traces; and compare the second contract traces and the second hardware traces to determine whether there are one or more second side-channel vulnerabilities.
  16. 16. The computational device of claim 14, wherein to obtain the program and the set of inputs for the program, the one or more processors are configured to generate the program and the set of inputs with a side-channel central processing unit (CPU) fuzzer that generates the program and the set of inputs based on a program seed and an input seed.
  17. 17. The computational device of claim 16, wherein, in response to executing the computer executable instructions, the one or more processors are further configured to: generate a master seed; and generate the program seed and the input seed with a seed generator based on the master seed.
  18. 18. The computational device of claim 14, wherein to compare the contract traces and the hardware traces to determine whether there are one or more side-channel vulnerabilities, the one or more processors are configured to: implement an aggregator that generates database entries associating the contract traces and the hardware traces; store the database entries in a database; and implement a database analyzer that compares the contract traces and the hardware traces to determine the one or more side-channel vulnerabilities.
  19. 19. A computer readable medium that stores computer executable instructions, wherein, in response to executing the computer executable instructions, one or more processors are configured to: obtain a program and a set of inputs for the program; implement the set of inputs and the program in an instruction set simulator of a processor design to obtain contract traces; implement the set of inputs and the program in a hardware simulator of the processor design to obtain hardware traces; and compare the contract traces and the hardware traces to determine whether there are one or more side-channel vulnerabilities.
  20. 20. The computer readable medium of claim 19, wherein to obtain the program and the set of inputs for the program, the one or more processors are configured to generate the program and the set of inputs with a side-channel central processing unit (CPU) fuzzer that generates the program and the set of inputs based on a program seed and an input seed.

Description

SYSTEMS AND METHODS UTILIZING HARDWARE MODELS TO DETECT SIDECHANNEL VULNERABILTIES IN PROCESSOR DESIGNS Field of the Disclosure [0001] This disclosure relates generally to systems and methods for detecting side-channel vulnerabilities in processor designs. Background [0002] Modem processors are configured to perform speculative execution in order to operate more efficiently. Speculative execution is an optimization technique where a processor predicts what set of instructions are most likely to be needed during the execution of a task and executes the predicted set of instructions ahead of knowing what instruction branch the processor will actually be following. Speculative execution sometimes results in incorrect instruction branches being executed by a processor. However, the inefficiency in sometimes executing the incorrect instruction branch is more than made up for in not having to wait for an in-order set of instructions to be provided during the execution of tasks. In other words, executing instructions ahead of time results in more efficient use of a processors pipeline circuitry (which is capable of implementing multiple sets of instructions in parallel) despite the execution of incorrect instruction branches. [0003] Unfortunately, speculative execution also exposes a processor to attacks from hackers. When a processor speculatively performs operations that would not occur during correct program execution, data and execution techniques are observable to an attacker via a side channel. Being able to control and limit the data and execution exposed during speculative execution is now an important part of modem cybersecurity. [0004] Speculation contracts are now used to determine what data and execution processes should be observable during speculative execution and what data and execution is to remain undetectable. Speculation contracts declare which operations an attacker can observe through a side channel, and which operations can speculatively change the control/data flow. For example, a contract may declare that an attacker can observe addresses of memory, store operations from memory, and load operations from memory, and that a central processing unit (CPU) may mispredict the targets of conditional jumps. [0005] However, speculation contracts often depend on abstractions of the actual processes being implemented in a processor. As such, an actual processor must be experimentally tested to determine if the processor complies with the speculation contract. If there are data and/or execution processes that are observable during the actual execution of the processor that are not declared in the speculation contract, the processor violates the speculation contract. The processor must then be studied to determine what caused the contract violation and then the processor design for the processor must be reconfigured to eliminate the contract violation. Unfortunately, actually having to generate a physical processor with a particular processor design in order to test the processor design takes time and resources. Reducing the time and resources required to eliminate contract violations is important to improving the process of designing a processor. Summary [0006] Embodiments of systems and methods utilizing hardware models to detect side-channel vulnerabilities in processor designs are disclosed. Programs and inputs are tested in an instruction set simulator, which implements a speculation contract. Implementing the processor design in the instruction set simulator generates contract traces that indicate the data and execution observable in accordance with the speculation contract for the processor design. In addition, a hardware simulator is implemented of the processor design. Implementing the hardware simulator results in hardware traces that indicate the data and execution are observable as a result of the hardware simulation. If the data and execution indicated by any of the hardware traces that correspond to contract traces in the same input class do not match, a side-channel vulnerability is detected. Since the side-channel vulnerability was detected using a hardware simulation, an actual physical processor with the hardware design does not have to be used to test the hardware for the processor design. [0007] In some embodiments, a method of detecting one or more side channels in a processor design, includes: obtaining a program and a set of inputs for the program; performing the program based off the set of inputs in an instruction set simulator of the processor design to obtain a plurality of contract traces for the processor design; performing the program based off the set of inputs in a hardware simulator of the processor design to obtain a plurality of hardware traces for the processor design; and comparing at least one contract trace of the plurality of contract traces and at least one hardware trace of the plurality of the hardware traces to determine whether there are one or more side-c