CAREER: Integrating Microarchitecture Simulation and Side-Channel Leakage Modeling for Safer Software

职业：集成微架构仿真和侧通道泄漏建模以实现更安全的软件

• 批准号: 2338623
• 负责人: Nader Sehatbakhsh
• 金额: $ 63.75万
• 依托单位: University of California-Los Angeles
• 依托单位国家: 美国
• 项目类别: Continuing Grant
• 财政年份: 2024
• 资助国家: 美国
• 起止时间: 2024-07-01 至 2029-06-30
• 项目状态: 未结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2338623&HistoricalAwards=false
• 关键词: CAREER; Integrating; Microarchitecture; Simulation; Side

Computers, ranging from embedded systems to servers, are becoming increasingly pervasive and critical in our lives. Whilst these systems carry out their main function, which is computation, they inadvertently generate traces that could potentially disclose sensitive information through alternative physical or digital pathways known as “side-channels.” As we become increasingly dependent upon computing systems, it is more critical than ever to know how side-channel signals can be created, how side-channel leakage can be modeled, and how future software systems should be designed to be robust against side-channel attacks. This proposal explores new methods and tools for quantifying and modeling side-channels for a wide range of processors. Successful completion of this project brings new methods, findings, and open-source tools for analyzing and quantifying side-channels. Various designers and industries can gain advantages from these techniques and tools, including hardware designers, computer architects, compiler designers, and software developers. Our findings enable the construction of secure software systems while reducing cost and time-to-market. As an integral part of this research program, we also propose an educational agenda involving K-12, undergraduate, graduate, and broader security community education.The overall goal of this research proposal is to build a comprehensive tool for side-channel leakage analysis. To achieve this, we first need to improve our modeling capabilities, particularly for physical side-channels, and then focus on integrating these models into established simulation and analysis tools. Based on these needs, our proposal is structured into two research thrusts and an evaluation plan. Each thrust is further broken down into three main research objectives. The first thrust is focused on building an accurate tool to estimate power and electromagnetic (EM) side-channels at the software level. Using three research objectives, we plan to build a model that can accurately model various processor architectures as well as other important components (e.g., accelerators) on a system-on-chip (SoC). The second thrust is focused on modeling microarchitectural side-channels. Specifically, the main goal is to build a new tool that can combine established binary analysis tools with known side-channel leakage models. The ideas proposed will be evaluated using a detailed evaluation plan. We will apply our methods to a wide variety of systems and setups with different hardware and software designs. We will consider various scenarios including different microarchitecture designs (in-order, out-of-order, multicore) and different side-channels (physical electromagnetic signals, digital cache side-channels, transient/speculative side-channels).This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

从嵌入式系统到服务器，计算机在我们的生活中变得越来越普遍和重要，虽然这些系统执行其主要功能（即计算），但它们无意中生成的痕迹可能会通过称为“替代”的物理或数字途径泄露敏感信息。随着我们越来越依赖计算系统，了解如何创建侧信道信号、如何对侧信道泄漏建模以及如何设计未来的软件系统比以往任何时候都更加重要。对侧信道具有鲁棒性该提案探索了用于对各种处理器的侧通道进行量化和建模的新方法和工具，该项目的成功完成为各种设计人员和量化侧通道带来了新的方法、发现和开源工具。各行业可以从这些技术和工具中获益，包括硬件设计人员、计算机架构师、编译器设计人员和软件开发人员，我们的研究结果使安全软件系统的构建成为可能，同时降低成本和缩短上市时间。计划中，我们还提出了一个教育议程，涉及K-12、本科生、研究生以及更广泛的安全社区教育。本研究提案的总体目标是构建一个用于侧信道泄漏分析的综合工具。要实现这一目标，我们首先需要提高我们的建模能力，特别是物理建模能力。根据这些需求，我们的建议被分为两个研究主旨和一个评估计划，每个主旨进一步细分为三个主要研究目标。推力专注于构建一个准确的工具来估计功率和我们计划使用三个研究目标来构建一个模型，该模型可以准确地模拟片上系统 (SoC) 上的各种处理器架构以及其他重要组件（例如加速器）。第二个重点是对微架构侧通道进行建模，其主要目标是构建一种新工具，可以使用已知的侧通道组合泄漏模型来评估所提出的想法。我们将把我们的方法应用于具有不同硬件和软件设计的各种系统和设置，我们将考虑各种场景，包括不同的微架构设计（有序、无序、多核）和不同的侧通道。 （物理电磁信号、数字缓存侧通道、瞬态/推测侧通道）。该奖项反映了 NSF 的法定使命，并通过使用基金会的智力优点和更广泛的影响审查标准进行评估，被认为值得支持。