CAREER: Integrating Microarchitecture Simulation and Side-Channel Leakage Modeling for Safer Software

职业：集成微架构仿真和侧通道泄漏建模以实现更安全的软件

• 批准号: 2338623
• 负责人: Nader Sehatbakhsh
• 金额: $ 63.75万
• 依托单位: University of California-Los Angeles
• 依托单位国家: 美国
• 项目类别: Continuing Grant
• 财政年份: 2024
• 资助国家: 美国
• 起止时间: 2024-07-01 至 2029-06-30
• 项目状态: 未结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2338623&HistoricalAwards=false
• 关键词: CAREER; Integrating; Microarchitecture; Simulation; Side

Computers, ranging from embedded systems to servers, are becoming increasingly pervasive and critical in our lives. Whilst these systems carry out their main function, which is computation, they inadvertently generate traces that could potentially disclose sensitive information through alternative physical or digital pathways known as “side-channels.” As we become increasingly dependent upon computing systems, it is more critical than ever to know how side-channel signals can be created, how side-channel leakage can be modeled, and how future software systems should be designed to be robust against side-channel attacks. This proposal explores new methods and tools for quantifying and modeling side-channels for a wide range of processors. Successful completion of this project brings new methods, findings, and open-source tools for analyzing and quantifying side-channels. Various designers and industries can gain advantages from these techniques and tools, including hardware designers, computer architects, compiler designers, and software developers. Our findings enable the construction of secure software systems while reducing cost and time-to-market. As an integral part of this research program, we also propose an educational agenda involving K-12, undergraduate, graduate, and broader security community education.The overall goal of this research proposal is to build a comprehensive tool for side-channel leakage analysis. To achieve this, we first need to improve our modeling capabilities, particularly for physical side-channels, and then focus on integrating these models into established simulation and analysis tools. Based on these needs, our proposal is structured into two research thrusts and an evaluation plan. Each thrust is further broken down into three main research objectives. The first thrust is focused on building an accurate tool to estimate power and electromagnetic (EM) side-channels at the software level. Using three research objectives, we plan to build a model that can accurately model various processor architectures as well as other important components (e.g., accelerators) on a system-on-chip (SoC). The second thrust is focused on modeling microarchitectural side-channels. Specifically, the main goal is to build a new tool that can combine established binary analysis tools with known side-channel leakage models. The ideas proposed will be evaluated using a detailed evaluation plan. We will apply our methods to a wide variety of systems and setups with different hardware and software designs. We will consider various scenarios including different microarchitecture designs (in-order, out-of-order, multicore) and different side-channels (physical electromagnetic signals, digital cache side-channels, transient/speculative side-channels).This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

从嵌入式系统到服务器的计算机在我们的生活中变得越来越普遍和至关重要。尽管这些系统执行其主要功能（即计算），但它们无意中生成可能通过称为“侧通道”的替代物理或数字途径来披露敏感信息的痕迹。随着我们越来越依赖计算系统，知道如何创建侧通道信号，如何建模侧通道泄漏以及如何将未来的软件系统设计成可靠的侧通道攻击，这比以往任何时候都更为重要。该建议探讨了用于量化和建模的新方法和工具，用于广泛的处理器。该项目的成功完成为分析和量化侧渠道提供了新的方法，发现和开源工具。各种设计师和行业可以从这些技术和工具中获得优势，包括硬件设计人员，计算机架构师，编译器设计师和软件开发人员。我们的发现使得可以构建安全的软件系统，同时降低成本和上市时间。作为该研究计划不可或缺的一部分，我们还提出了涉及K-12，本科，研究生和更广泛的安全社区教育的教育议程。该研究建议的总体目标是为侧通道泄漏分析建立全面的工具。为了实现这一目标，我们首先需要提高建模功能，尤其是用于物理侧通道，然后专注于将这些模型集成到已建立的仿真和分析工具中。基于这些需求，我们的建议构成了两个研究推力和一个评估计划。每个推力进一步分为三个主要的研究目标。第一个推力专注于在软件级别构建精确的工具，以估算电磁和电磁（EM）侧通道。使用三个研究目标，我们计划构建一个模型，该模型可以准确地对各种处理器架构以及其他重要组件（例如加速器）（SOC）（SOC）上的其他重要组件（例如加速器）进行建模。第二个推力集中在建模微构造侧通道上。具体而言，主要目标是构建一个可以将已建立的二进制分析工具与已知侧通道泄漏模型相结合的新工具。提出的想法将使用详细的评估计划进行评估。我们将把方法应用于具有不同硬件和软件设计的各种系统和设置。 We will consider various scenarios including different microarchitecture designs (in-order, out-of-order, multicore) and different side-channels (physical electronic signals, digital cache side-channels, transient/speculative side-channels).This award reflects NSF's statutory mission and has been deemed honestly of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.