| 1. |
- Aimoniotis, Pavlos, et al.
(författare)
-
Reorder Buffer Contention : A Forward Speculative Interference Attack for Speculation Invariant Instructions
- 2021
-
Ingår i: IEEE COMPUTER ARCHITECTURE LETTERS. - : Institute of Electrical and Electronics Engineers (IEEE). - 1556-6056 .- 1556-6064. ; 20:2, s. 162-165
-
Tidskriftsartikel (refereegranskat)abstract
- Speculative side-channel attacks access sensitive data and use transmitters to leak the data during wrong-path execution. Various defenses have been proposed to prevent such information leakage. However, not all speculatively executed instructions are unsafe: Recent work demonstrates that speculation invariantinstructions are independent of speculative control-flow paths and are guaranteed to eventually commit, regardless of the speculation outcome. Compile-time information coupled with run-time mechanisms can then selectively lift defenses for speculation invariant instructions, reclaiming some of the lost performance. Unfortunately, speculation invariant instructions can easily be manipulated by a form of speculative interference to leak information via a new side-channel that we introduce in this paper. We show that forward speculative interference where older speculative instructions interfere with younger speculation invariant instructions effectively turns them into transmitters for secret data accessed during speculation. We demonstrate forward speculative interference on actual hardware, by selectively filling the reorder buffer (ROB) with instructions, pushing speculative invariant instructions in-or-out of the ROB on demand, based on a speculatively accessed secret. This reveals the speculatively accessed secret, as the occupancy of the ROB itself becomes a new speculative side-channel.
|
|
| 2. |
- Besharati, Farshid, et al.
(författare)
-
The EVI Distributed Shared Memory System
- 2015
-
Rapport (övrigt vetenskapligt/konstnärligt)abstract
- With the data handled by companies and research institutes getting larger and larger every day, there is a clear need for faster computing. At the same time, we have reached the limit of power consumption and more power efficient computing is also called for, both in the datacenter and in the supercomputer room. For that, there is a great push, both in industry and academia, towards increasing the amount of computing power per watt consumed. With this shift towards a different computing paradigm, many older ideas are looked upon in a new light. One of these is the distributed shared memory (DSM) systems. It is becoming harder and harder to achieve higher performance and better power efficiency at the same form factor as we have always had. Furthermore, while we have seen a stop in the constant increase of processor speeds, there is a constant increase in network communication speeds. Software implemented DSM is again a viable solution for high performance computing, without the need for sacrificing ease of programming for performance gains. The goal of this course was to develop such a system, and learn in the process. We chose to work with the Adapteva Parallella boards and design a DSM system there. Over one semester we designed and developed that system.
|
|
| 3. |
- Jose Gomez-Hernandez, Eduardo, et al.
(författare)
-
Splash-4 : Improving Scalability with Lock-Free Constructs
- 2021
-
Ingår i: 2021 IEEE International Symposium On Performance Analysis Of Systems And Software (ISPASS 2021). - : Institute of Electrical and Electronics Engineers (IEEE). ; , s. 235-236
-
Konferensbidrag (refereegranskat)abstract
- Over the past three decades, the parallel applications of the Splash-2 benchmark suite have been instrumental in advancing multiprocessor research. Recently, the Splash-3 benchmarks eliminated performance bugs, data races, and improper synchronization that plagued Splash-2 benchmarks after the definition of the C memory model. In this work, we revisit the Splash-3 benchmarks and adapt them for contemporary architectures with atomic operations and lock-free constructs. With our changes, we improve the scalability of most benchmarks for up to 32 and 64 cores, showing an improvement of up to 9x in actual machines, and up to 5x in simulation, over the unmodified Splash-3 benchmarks. To denote the substantive nature of the improvements in the Splash-3 benchmarks and to re-introduce them in contemporary research, we refer to the new collection as Splash-4.
|
|
| 4. |
|
|
| 5. |
|
|
| 6. |
- Sakalis, Christos, et al.
(författare)
-
Delay-on-Squash : Stopping Microarchitectural Replay Attacks in Their Tracks
- 2022
-
Ingår i: ACM Transactions on Architecture and Code Optimization (TACO). - : Association for Computing Machinery (ACM). - 1544-3566 .- 1544-3973. ; 20:1
-
Tidskriftsartikel (refereegranskat)abstract
- MicroScope and other similar microarchitectural replay attacks take advantage of the characteristics of speculative execution to trap the execution of the victim application in a loop, enabling the attacker to amplify a side-channel attack by executing it indefinitely. Due to the nature of the replay, it can be used to effectively attack software that are shielded against replay, even under conditions where a side-channel attack would not be possible (e.g., in secure enclaves). At the same time, unlike speculative side-channel attacks, microarchitectural replay attacks can be used to amplify the correct path of execution, rendering many existing speculative side-channel defenses ineffective. In this work, we generalize microarchitectural replay attacks beyond MicroScope and present an efficient defense against them. We make the observation that such attacks rely on repeated squashes of so-called "replay handles" and that the instructions causing the side-channel must reside in the same reorder buffer window as the handles. We propose Delay-on-Squash, a hardware-only technique for tracking squashed instructions and preventing them from being replayed by speculative replay handles. Our evaluation shows that it is possible to achieve full security against microarchitectural replay attacks with very modest hardware requirements while still maintaining 97% of the insecure baseline performance.
|
|
| 7. |
- Sakalis, Christos, et al.
(författare)
-
Delay-on-Squash: Stopping Microarchitectural Replay Attacks in Their Tracks
-
Annan publikation (övrigt vetenskapligt/konstnärligt)abstract
- MicroScope, and microarchitectural replay attacks in general, take advantage of the characteristics of speculative execution to trap the execution of the victim application in a loop, enabling the attacker to amplify a side-channel attack by executing it indefinitely. Due to the nature of the replay, it can be used to effectively attack software that are shielded against replay, even under conditions where a side-channel attack would not be possible (e.g., in secure enclaves). At the same time, unlike speculative side-channel attacks, microarchitectural replay attacks can be used to amplify the correct path of execution, rendering many existing speculative side-channel defences ineffective.In this work, we generalize microarchitectural replay attacks beyond MicroScope and present an efficient defence against them. We make the observation that such attacks rely on repeated squashes of so-called "replay handles" and that the instructions causing the side-channel must reside in the same reorder buffer window as the handles. We propose Delay-on-Squash, a hardware-only technique for tracking squashed instructions and preventing them from being replayed by speculative replay handles. Our evaluation shows that it is possible to achieve full security against microarchitectural replay attacks with very modest hardware requirements, while still maintaining 97% of the insecure baseline performance.
|
|
| 8. |
- Sakalis, Christos, et al.
(författare)
-
Do Not Predict – Recompute! : How Value Recomputation Can Truly Boost the Performance of Invisible Speculation
- 2021
-
Ingår i: 2021 International Symposium on Secure and Private Execution Environment Design (SEED). - : Institute of Electrical and Electronics Engineers (IEEE). - 9781665420259 ; , s. 89-100
-
Konferensbidrag (refereegranskat)abstract
- Recent architectural approaches that address speculative side-channel attacks aim to prevent software from exposing the microarchitectural state changes of transient execution. The Delay-on-Miss technique is one such approach, which simply delays loads that miss in the L1 cache until they become non-speculative, resulting in no transient changes in the memory hierarchy. However, this costs performance, prompting the use of value prediction (VP) to regain some of the delay.However, the problem cannot be solved by simply introducing a new kind of speculation (value prediction). Value-predicted loads have to be validated, which cannot be commenced until the load becomes non-speculative. Thus, value-predicted loads occupy the same amount of precious core resources (e.g., reorder buffer entries) as Delay-on-Miss. The end result is that VP only yields marginal benefits over Delay-on-Miss.In this paper, our insight is that we can achieve the same goal as VP (increasing performance by providing the value of loads that miss) without incurring its negative side-effect (delaying the release of precious resources), if we can safely, non-speculatively, recompute a value in isolation (without being seen from the outside), so that we do not expose any information by transferring such a value via the memory hierarchy. Value Recomputation, which trades computation for data transfer was previously proposed in an entirely different context: to reduce energy-expensive data transfers in the memory hierarchy. In this paper, we demonstrate the potential of value recomputation in relation to the Delay-on-Miss approach of hiding speculation, discuss the trade-offs, and show that we can achieve the same level of security, reaching 93% of the unsecured baseline performance (5% higher than Delay-on-miss), and exceeding (by 3%) what even an oracular (100% accuracy and coverage) value predictor could do.
|
|
| 9. |
- Sakalis, Christos, et al.
(författare)
-
Efficient invisible speculative execution through selective delay and value prediction
- 2019
-
Ingår i: Proc. 46th International Symposium on Computer Architecture. - New York : ACM Press. - 9781450366694 ; , s. 723-735
-
Konferensbidrag (refereegranskat)abstract
- Speculative execution, the base on which modern high-performance general-purpose CPUs are built on, has recently been shown to enable a slew of security attacks. All these attacks are centered around a common set of behaviors: During speculative execution, the architectural state of the system is kept unmodified, until the speculation can be verified. In the event that a misspeculation occurs, then anything that can affect the architectural state is reverted (squashed) and re-executed correctly. However, the same is not true for the microarchitectural state. Normally invisible to the user, changes to the microarchitectural state can be observed through various side-channels, with timing differences caused by the memory hierarchy being one of the most common and easy to exploit. The speculative side-channels can then be exploited to perform attacks that can bypass software and hardware checks in order to leak information. These attacks, out of which the most infamous are perhaps Spectre and Meltdown, have led to a frantic search for solutions.In this work, we present our own solution for reducing the microarchitectural state-changes caused by speculative execution in the memory hierarchy. It is based on the observation that if we only allow accesses that hit in the L1 data cache to proceed, then we can easily hide any microarchitectural changes until after the speculation has been verified. At the same time, we propose to prevent stalls by value predicting the loads that miss in the L1. Value prediction, though speculative, constitutes an invisible form of speculation, not seen outside the core. We evaluate our solution and show that we can prevent observable microarchitectural changes in the memory hierarchy while keeping the performance and energy costs at 11% and 7%, respectively. In comparison, the current state of the art solution, InvisiSpec, incurs a 46% performance loss and a 51% energy increase.
|
|
| 10. |
- Sakalis, Christos, et al.
(författare)
-
Evaluating the Potential Applications of Quaternary Logic for Approximate Computing
- 2020
-
Ingår i: ACM Journal on Emerging Technologies in Computing Systems. - : Association for Computing Machinery (ACM). - 1550-4832 .- 1550-4840. ; 16:1
-
Tidskriftsartikel (refereegranskat)abstract
- There exist extensive ongoing research efforts on emerging atomic-scale technologies that have the potential to become an alternative to today’s complementary metal--oxide--semiconductor technologies. A common feature among the investigated technologies is that of multi-level devices, particularly the possibility of implementing quaternary logic gates and memory cells. However, for such multi-level devices to be used reliably, an increase in energy dissipation and operation time is required. Building on the principle of approximate computing, we present a set of combinational logic circuits and memory based on multi-level logic gates in which we can trade reliability against energy efficiency. Keeping the energy and timing constraints constant, important data are encoded in a more robust binary format while error-tolerant data are encoded in a quaternary format. We analyze the behavior of the logic circuits when exposed to transient errors caused as a side effect of this encoding. We also evaluate the potential benefit of the logic circuits and memory by embedding them in a conventional computer system on which we execute jpeg, sobel, and blackscholes approximately. We demonstrate that blackscholes is not suitable for such a system and explain why. However, we also achieve dynamic energy reductions of 10% and 13% for jpeg and sobel, respectively, and improve execution time by 38% for sobel, while maintaining adequate output quality.
|
|
