Abstract
AbstractSpeculative execution attacks affect all modern processors and much work has been done to develop techniques for detection of associated vulnerabilities. Modern processors also operate on weak memory models which allow out-of-order execution of code. Despite this, there is little work on looking at the interplay between speculative execution and weak memory models. In this paper, we provide an information flow logic for detecting speculative execution vulnerabilities on weak memory models. The logic is general enough to be used with any modern processor, and designed to be extensible to allow detection of vulnerabilities to specific attacks. The logic has been proven sound with respect to an abstract model of speculative execution in Isabelle/HOL.
Publisher
Springer Nature Switzerland
Reference44 articles.
1. Lecture Notes in Computer Science;M Barnett,2006
2. Barnett, M., Leino, K.R.M.: Weakest-precondition of unstructured programs. In: Ernst, M.D., Jensen, T.P. (eds.) Proceedings of the 2005 ACM SIGPLAN-SIGSOFT Workshop on Program Analysis For Software Tools and Engineering, PASTE’05, pp. 82–87. ACM (2005). https://doi.org/10.1145/1108792.1108813
3. Bauer, M., Hetterich, L., Rossow, C., Schwarz, M.: Switchpoline: a software mitigation for Spectre-BTB and Spectre-BHB on ARMv8. In: 2024 ACM ASIA Conference on Computer and Communications Security, AsiaCCS 2024. ACM (2024). https://doi.org/10.60882/cispa.25304857.v1
4. Bhattacharyya, A., et al.: SMoTherSpectre: exploiting speculative execution through port contention. In: Cavallaro, L., Kinder, J., Wang, X., Katz, J. (eds.) CCS 2019, pp. 785–800. ACM (2019). https://doi.org/10.1145/3319535.3363194
5. Bulck, J.V., et al.: Foreshadow: extracting the keys to the intel SGX kingdom with transient out-of-order execution. In: Enck, W., Felt, A.P. (eds.) 27th USENIX Security Symposium, USENIX Security 2018, pp. 991–1008. USENIX Association (2018)