ISA Semantics for ARMv8-A, RISC-V, and CHERI-MIPS
2019
Proceedings of the ACM on Programming Languages (PACMPL)
In this paper, we present rigorous semantic models for the sequential behaviour of large parts of the mainstream ARMv8-A, RISC-V, and MIPS architectures, and the research CHERI-MIPS architecture, that ...
We do this using a custom language for ISA semantics, Sail, with a lightweight dependent type system, that supports automatic generation of emulator code in C and OCaml, and automatic generation of proof-assistant ...
ACKNOWLEDGMENTS The ARMv8-A modelling work would not have been possible without generous technical assistance from ARM. ...
doi:10.1145/3290384
fatcat:v4zdb5cq7nbzzetgkitndrlcia
Rigorous engineering for hardware security: Formal modelling and proof in the CHERI design and implementation process
2020
2020 IEEE Symposium on Security and Privacy (SP)
ACKNOWLEDGEMENTS We thank Wes Filardo and Prashanth Mundkur for comments, and all the members of the CHERI team for their work on the project as a whole. ...
), and new hand-written models for RISC-V and CHERI-RISC-V. ...
Sail models include CHERI-MIPS (ported from the L3 model and included in the CHERI architecture document [6]), a complete ISA semantics for ARMv8-A (automatically derived from the Arm-internal definition ...
doi:10.1109/sp40000.2020.00055
dblp:conf/sp/NienhuisJBFR0NN20
fatcat:7ctnxm52abgfdommuxendyfrxm
Analysis on the Possibility of RISC-V Adoption
2020
UC Merced Undergraduate Research Journal
Akram's data indicates that x86 instructions generated the greatest number of runtime Macro-Operation (M-Op) fusions
their paper "ISA Semantics for ARMv8-A, RISC-V, and CHERI-MIPS" presented at the Principles ...
In Akram's testing, ARMv8, which is a RISC-based ISA, never exceeded the number of M-Op fusions used by x86, which is a CISC-based ISA [2]. Another trouble spot for modern ISAs is that tools provided ...
doi:10.5070/m4121046641
fatcat:pk6iq6ps35fpxosarz33dtm6ri
Improved Tool Support for Machine-Code Decompilation in HOL4
[chapter]
2015
Lecture Notes in Computer Science
These advancements have been facilitated by the development of a domain specific language, called L3, for the specification of Instruction Set Architectures (ISAs). ...
The HOL4 interactive theorem prover provides a sound logical environment for reasoning about machine-code programs. ...
MIPS64 is a relatively clean RISC architecture. The CHERI research architecture extends MIPS with capabilities for implementing security management, see [17]. ...
doi:10.1007/978-3-319-22102-1_12
fatcat:xrbtb3mlrzezrddt2zrci2rl54
CHERI: A Hybrid Capability-System Architecture for Scalable Software Compartmentalization
2015
2015 IEEE Symposium on Security and Privacy
CHERI extends a conventional RISC Instruction-Set Architecture, compiler, and operating system to support fine-grained, capability-based memory protection to mitigate memory-related vulnerabilities in ...
We describe how CHERI capabilities can also underpin a hardware-software object-capability model for application compartmentalization that can mitigate broader classes of attack. ...
ISA (e.g., ARMv8 or RISC-V). ...
doi:10.1109/sp.2015.9
dblp:conf/sp/WatsonWNMACDDGL15
fatcat:gd6ypvyzlzhwzp4a6xfwb537zi
ARMv8-A System Semantics: Instruction Fetch in Relaxed Architectures
[chapter]
2020
Lecture Notes in Computer Science
In this paper we establish a robust model for one aspect of system semantics: instruction fetch and cache maintenance for ARMv8-A. ...
However, the system semantics, of instruction-fetch and cache maintenance, exceptions and interrupts, and address translation, remains obscure, leaving us without a solid foundation for verification of ...
We also thank Hans Boehm, Stephen Kell, Jaroslav Ševčík, Ben Titzer, and Andrew Turner, for discussions of how instruction cache maintenance is used in practice, and Alastair Reid for comments on a draft ...
doi:10.1007/978-3-030-44914-8_23
fatcat:m7pft2sp25cpxetkcwxe2yf3c4
Engineering with Full-scale Formal Architecture: Morello, CHERI, Armv8-A, and RISC-V
[article]
2021
This talk will describe our work to establish and use mechanised semantics for full-scale instruction-set architectures (ISAs): the mainstream Armv8-A architecture, the emerging RISC-V architecture, the ...
CHERI-MIPS and CHERI-RISC-V research architectures that use hardware capabilities for improved security, and Arm's prototype Morello architecture, an industrial demonstrator incorporating the CHERI ideas ...
and CHERI-MIPS test generation: Brian Campbell; for CHERI-MIPS verification: Kyndylan Nienhuis; for RISC-V and CHERI-RISC-V specifications: Robert M. ...
doi:10.34727/2021/isbn.978-3-85448-046-4_7
fatcat:pkfxiwrtcvcmvlxszpfphpvx24
Scalable validation of binary lifters
2020
Proceedings of the 41st ACM SIGPLAN Conference on Programming Language Design and Implementation
Second, I show that formal translation validation of single instructions for a complex ISA like x86-64 is not only practical but can be used as a building block for scalable full-program validation. ...
Also, I illustrate potential applications of the semantics in different formal analyses, and discuss how it can be useful for processor verification. ...
ARMv8-A, RISC-V, and CHERI-MIPS [128], as well as the semantics of a small subset of x86 [129]. ...
doi:10.1145/3385412.3385964
dblp:conf/pldi/DasguptaDVAF20
fatcat:3khjl5gbmnetjay23fk3sc2ktu
Formal verification of spacecraft control programs (experience report)
2019
Proceedings of the 12th ACM SIGPLAN International Symposium on Haskell - Haskell 2019
We present REDFIN, a processing core used in space missions, and its formal semantics expressed using the proposed metalanguage for state transformers, followed by examples of verification of simple control ...
This experience report presents a verification approach designed to help spacecraft engineers reduce the effort required for formal verification of low-level control programs executed on custom hardware ...
Acknowledgements We would like to thank Vitaly Bragilevsky, Neil Mitchell, Charles Morisset, Artem Pelenitsyn, Danil Sokolov, as well as the three Haskell Symposium reviewers for their helpful feedback ...
doi:10.1145/3331545.3342593
dblp:conf/haskell/MokhovLL19
fatcat:7igxehidsrgozfwizncaoizez4
Formal Verification of Spacecraft Control Programs
2020
ACM Transactions on Embedded Computing Systems
We present REDFIN, a processing core used in space missions, and its formal semantics expressed using the proposed metalanguage for state transformers, followed by examples of verification of simple control ...
This paper presents a verification approach designed to help spacecraft engineers reduce the effort required for formal verification of low-level control programs executed on custom hardware. ...
ACKNOWLEDGEMENTS We would like to thank Vitaly Bragilevsky, Georgi Lyubenov, Neil Mitchell, Charles Morisset, Artem Pelenitsyn, Danil Sokolov, as well as the three Haskell Symposium reviewers for their ...
doi:10.1145/3391900
fatcat:gkvke6xhjrgexi6fl2u2vcstrm
PAC it up: Towards Pointer Integrity using ARM Pointer Authentication
[article]
2019
arXiv
pre-print
An example is the recently added support for pointer authentication (PA) in the ARMv8-A processor architecture, commonly used in devices like smartphones. ...
., C and C++) remain a prominent threat against computer systems. ...
The authors thank Kostya Serebryany and Rémi Denis-Courmont for interesting discussions and Zaheer Gauhar for implementation assistance. ...
arXiv:1811.09189v4
fatcat:vscgjhjdmnbxlble56qebrnnxi
The Semantics of Multicopy Atomic ARMv8 and RISC-V
2019
This thesis aims to provide a better understanding for the relaxed memory concurrency models of the architectures ARMv8, RISC-V, and (to a lesser degree) Power. ...
Finally, in order to give a simpler explanation of the MCA ARMv8 and RISC-V concurrency models for programmers, we develop an equivalent operational concurrency model in a different style. ...
Peter made time for me whenever I needed help, and provided patient support and valuable guidance, whether on the PhD work or anything else. ...
doi:10.17863/cam.39379
fatcat:f5ysq6gov5czpncokc33b7r3tu
SPECTECTOR: Principled Detection of Speculative Information Flows
[article]
2019
arXiv
pre-print
Since the advent of SPECTRE, a number of countermeasures have been proposed and deployed. ...
In this paper (1) we put forward speculative non-interference, the first semantic notion of security against speculative execution attacks, and (2) we develop SPECTECTOR, an algorithm based on symbolic ...
Acknowledgments: We thank Roberto Giacobazzi, Matt Miller, and Matthew Parkinson for helpful discussions. ...
arXiv:1812.08639v2
fatcat:lxcjygadcbdlfmufnbsom7pif4