Sapper: a language for hardware-level security policy enforcement

Privacy and integrity are important security concerns. These concerns are addressed by controlling information flow, i.e., restricting how information can flow through a system. Most proposed systems that restrict information flow make the implicit assumption that the hardware used by the system is fully "correct" and that the hardware's instruction set accurately describes its behavior in all circumstances. The truth is more complicated: modern hardware designs defy complete verification; many aspects of the timing and ordering of events are left totally unspecified; and implementation bugs present themselves with surprising frequency. In this work we describe Sapper, a novel hardware description language for designing security-critical hardware components. Sapper seeks to address these problems by using static analysis at compile-time to automatically insert dynamic checks in the resulting hardware that provably enforce a given information flow policy at execution time. We present Sapper's design and formal semantics along with a proof sketch of its security. In addition, we have implemented a compiler for Sapper and used it to create a non-trivial secure embedded processor with many modern microarchitectural features. We empirically evaluate the resulting hardware's area and energy overhead and compare them with alternative designs.

Full description

Saved in:
Bibliographic details
Published in: Computer architecture news 2014-04, Vol.42 (1), p.97-112
Main authors: Li, Xun, Kashyap, Vineeth, Oberg, Jason K., Tiwari, Mohit, Rajarathinam, Vasanth Ram, Kastner, Ryan, Sherwood, Timothy, Hardekopf, Ben, Chong, Frederic T.
Format: Article
Language: eng
Online access: Full text
DOI: 10.1145/2654822.2541947
ISSN: 0163-5964
Source: ACM Digital Library Complete