The tutorial will be given on August 25th, 2019 (Sunday) from 9:30am to 12:30pm.
The tutorial will be in Westin Peachtree Hotel, Atlanta, GA, USA (as part of the CHES conference).
The objective of this tutorial is to present the principles that processor architects and hardware designers should use when developing secure processor architectures. Secure processor architectures typically extend commodity processors with new hardware (and related software) features for protection of enclaves, trusted software modules, or even whole operating systems inside virtual machines. Since typical secure processor architectures extend the main processor in the system with security features, hence performance is an important aspect of the design process. In addition, however, they must isolate the protect software from other untrusted user software, possibly untrusted management software, and in many cases a variety of physical attacks, usually on memory. The isolation should also cover all types of possible ways for information leaks, such as through architectural state, micro-architectural state, or due to spatial or temporal sharing of hardware. And, transient execution attacks (Spectre, Meltdown, and their variants), also needs to be finely controlled to mitigate the new types of transient execution threats. In this tutorial, various design patterns will be presented and discussed. First, the tutorial will overview the secure processor architectures and their features. It will discuss various protection mechanisms for isolation and protection of the software from other, untrusted software. Second, tutorial will discuss various timing channels and protection mechanisms, such as secure caches, secure TLBs, or secure branch predictors to defend these attacks. This part will be grounded in a new 3-step model developed for timing channel vulnerability evaluation. Third, the tutorial will present details of Spectre and Meltdown attacks (and their various variants presented to date) and hardware defenses (and estimations of performance impact of each). This tutorial will thus cover the three main contemporary research areas of secure processor architectures: the architectures themselves, timing channels, and transient execution attacks.
Jakub Szefer’s research focuses on improving computer systems security at the architecture and hardware levels. His work explores how to leverage physical properties of hardware as security primitives, and has resulted in, for example, different new types of Physically Uncloneable Functions (PUFs) using commodity Dynamic Random Access Memories (DRAMs). His work also aims to improve security at the architecture level, including recent development of a novel 3-step framework for modeling all possible cache and TLB timing attacks, as well as new types of cache-related timing attacks; and mitigations. Large number of his projects involve Field-Programmable Gate Arrays (FPGAs), including implementations of post-quantum cryptographic (PQC) algorithms, and novel attacks and defense for the new Cloud FPGA computing paradigm. His group regularly open-sources hardware code. He is a recipient of NSF’s CAREER award in 2017, and was elected IEEE Senior Member in 2019. Jakub Szefer has written a book on “Principles of Secure Processor Architecture Design” (2018). He joined Yale University in summer 2013 as an Assistant Professor of Electrical Engineering, where he started the Computer Architecture and Security Laboratory (CAS Lab). Prior to joining Yale, he received Ph.D. and M.A. degrees in Electrical Engineering from Princeton University and worked with Prof. Ruby B. Lee on secure processor architectures. He received B.S. with highest honors in Electrical and Computer Engineering from University of Illinois at Urbana-Champaign.
The tutorial is partly based on a book recently published by Jakub Szefer. This tutorial will complement the book with new material, while the book gives a more in-depth discussion of the topics covered in the tutorial. It is available for purchase, or many universities provide free PDF version of the book through their electronic subscriptions.
9:30 – 10:00 Secure Processor Architectures (30 min.)
10:10 – 10:20 Break
10:10 – 11:20 Timing Channels: Attacks and Hardware Defenses (70 min.)
11:20 – 11:30 Break
11:30 – 12:30 Transient Execution Attacks and Hardware Defenses (60 min.)
Tutorial slides are available here (9.5MB).