Affiliation:
1. Karlsruhe Institute of Technology, Karlsruhe, Germany
Abstract
We present efficient algorithms for time-sensitive control dependencies (CDs). If statement y is time-sensitively control dependent on statement x, then x decides not only whether y is executed but also how many timesteps after x. If y is not standard control dependent on x, but time-sensitively control dependent, then y will always be executed after x, but the execution time between x and y varies. This allows us to discover, e.g., timing leaks in security-critical software.
We systematically develop properties and algorithms for time-sensitive CDs, as well as for nontermination-sensitive CDs. These work not only for standard control flow graphs (CFGs) but also for CFGs lacking a unique exit node (e.g., reactive systems). We show that Cytron’s efficient algorithm for dominance frontiers [10] can be generalized to allow efficient computation not just of classical CDs but also of time-sensitive and nontermination-sensitive CDs. We then use time-sensitive CDs and time-sensitive slicing to discover cache timing leaks in an AES implementation. Performance measurements demonstrate scalability of the approach.
Funder
Deutsche Forschungsgemeinschaft
BMBF
Publisher
Association for Computing Machinery (ACM)