ISA semantics for ARMv8-a, RISC-v, and CHERI-MIPS

Alasdair Armstrong, Christopher Pulte, Shaked Flur, Ian Stark, Neel Krishnaswami, Peter Sewell, Thomas Bauereiss, Brian Campbell, Alastair Reid, Kathryn E. Gray, Robert M. Norton, Prashanth Mundkur (+2 others)
2019 Proceedings of the ACM on Programming Languages (PACMPL)  
In this paper, we present rigorous semantic models for the sequential behaviour of large parts of the mainstream ARMv8-A, RISC-V, and MIPS architectures, and the research CHERI-MIPS architecture, that  ...  We do this using a custom language for ISA semantics, Sail, with a lightweight dependent type system, that supports automatic generation of emulator code in C and OCaml, and automatic generation of proof-assistant  ...  ACKNOWLEDGMENTS The ARMv8-A modelling work would not have been possible without generous technical assistance from ARM.  ... 
doi:10.1145/3290384 fatcat:v4zdb5cq7nbzzetgkitndrlcia

Rigorous engineering for hardware security: Formal modelling and proof in the CHERI design and implementation process

Kyndylan Nienhuis, Alexandre Joannou, Thomas Bauereiss, Anthony Fox, Michael Roe, Brian Campbell, Matthew Naylor, Robert M. Norton, Simon W. Moore, Peter G. Neumann, Ian Stark, Robert N. M. Watson (+1 others)
2020 IEEE Symposium on Security and Privacy (SP)
ACKNOWLEDGEMENTS We thank Wes Filardo and Prashanth Mundkur for comments, and all the members of the CHERI team for their work on the project as a whole.  ...  ), and new hand-written models for RISC-V and CHERI-RISC-V.  ...  Sail models include CHERI-MIPS (ported from the L3 model and included in the CHERI architecture document [6] ), a complete ISA semantics for ARMv8-A (automatically derived from the Arm-internal definition  ... 
doi:10.1109/sp40000.2020.00055 dblp:conf/sp/NienhuisJBFR0NN20 fatcat:7ctnxm52abgfdommuxendyfrxm

Analysis on the Possibility of RISC-V Adoption

Ian Scott
2020 UC Merced Undergraduate Research Journal  
Akram's data indicates that x86 instructions generated the greatest number of runtime Macro-Operation (M-Op) fusions  ...  their paper "ISA Semantics for ARMv8-A, RISC-V, and CHERI-MIPS" presented at the Principles  ...  In Akram's testing, ARMv8, which is a RISC based ISA, never exceeded the number of M-Op fusions used by x86, which is a CISC based ISA [2]. Another trouble spot for modern ISAs is that tools provided  ... 
doi:10.5070/m4121046641 fatcat:pk6iq6ps35fpxosarz33dtm6ri

Improved Tool Support for Machine-Code Decompilation in HOL4 [chapter]

Anthony Fox
2015 Lecture Notes in Computer Science  
These advancements have been facilitated by the development of a domain specific language, called L3, for the specification of Instruction Set Architectures (ISAs).  ...  The HOL4 interactive theorem prover provides a sound logical environment for reasoning about machine-code programs.  ...  MIPS64 is a relatively clean RISC architecture. The CHERI research architecture extends MIPS with capabilities for implementing security management, see [17] .  ... 
doi:10.1007/978-3-319-22102-1_12 fatcat:xrbtb3mlrzezrddt2zrci2rl54

CHERI: A Hybrid Capability-System Architecture for Scalable Software Compartmentalization

Robert N.M. Watson, Jonathan Woodruff, Peter G. Neumann, Simon W. Moore, Jonathan Anderson, David Chisnall, Nirav Dave, Brooks Davis, Khilan Gudka, Ben Laurie, Steven J. Murdoch, Robert Norton (+3 others)
2015 IEEE Symposium on Security and Privacy
CHERI extends a conventional RISC Instruction-Set Architecture, compiler, and operating system to support fine-grained, capability-based memory protection to mitigate memory-related vulnerabilities in  ...  We describe how CHERI capabilities can also underpin a hardware-software object-capability model for application compartmentalization that can mitigate broader classes of attack.  ...  ISA (e.g., ARMv8 or RISC-V).  ... 
doi:10.1109/sp.2015.9 dblp:conf/sp/WatsonWNMACDDGL15 fatcat:gd6ypvyzlzhwzp4a6xfwb537zi
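The CHERI entry above describes capability-based memory protection only at the level of an abstract. The following is an added example, not code from the CHERI papers or project: a plain-C software model of what a capability enforces (bounds, permissions, a validity tag, and monotonic narrowing), used to show the difference between an unchecked `memcpy` overflow and the same copy performed through a narrowed capability. The `cap_t` struct, the function names (loosely modelled on the CHERI-MIPS `CSetBounds` and `CAndPerm` instructions) and the memory layout are all assumptions made for illustration; real CHERI uses a compressed hardware representation and raises a capability exception rather than returning `false`.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Software model of a CHERI-style capability (hypothetical layout, added for
   illustration; this is not CHERI's actual compressed encoding). */
enum { CAP_PERM_LOAD = 1u, CAP_PERM_STORE = 2u };

typedef struct {
    uint8_t *base;   /* lowest address reachable through this capability */
    size_t   length; /* bytes from base that are in bounds */
    size_t   offset; /* cursor relative to base (the "pointer" part) */
    unsigned perms;  /* permission bits the capability grants */
    bool     tag;    /* validity tag: false means any use traps */
} cap_t;

/* Mint a capability covering [buf, buf+len). In hardware only an existing,
   sufficiently powerful capability can derive this; here it is a helper. */
cap_t cap_make(void *buf, size_t len, unsigned perms) {
    cap_t c = { (uint8_t *)buf, len, 0, perms, true };
    return c;
}

/* CSetBounds-style narrowing: bounds may only shrink, never grow. Trying to
   widen yields an untagged (unusable) capability instead of more authority. */
cap_t cap_set_bounds(cap_t c, size_t new_len) {
    if (!c.tag || c.offset > c.length || new_len > c.length - c.offset) {
        c.tag = false;
        return c;
    }
    c.base += c.offset;
    c.length = new_len;
    c.offset = 0;
    return c;
}

/* CAndPerm-style: permissions can be dropped, never regained. */
cap_t cap_and_perms(cap_t c, unsigned mask) {
    c.perms &= mask;
    return c;
}

/* Checked byte store; false models the capability exception hardware raises. */
bool cap_store_u8(cap_t c, size_t idx, uint8_t v) {
    if (!c.tag || !(c.perms & CAP_PERM_STORE)) return false;
    if (c.offset > c.length || idx >= c.length - c.offset) return false;
    c.base[c.offset + idx] = v;
    return true;
}

bool cap_load_u8(cap_t c, size_t idx, uint8_t *out) {
    if (!c.tag || !(c.perms & CAP_PERM_LOAD)) return false;
    if (c.offset > c.length || idx >= c.length - c.offset) return false;
    *out = c.base[c.offset + idx];
    return true;
}

/* Copy through a capability; stops at the first rejected store and returns
   the number of bytes actually written. */
size_t cap_copy(cap_t dst, const uint8_t *src, size_t n) {
    size_t written = 0;
    while (written < n && cap_store_u8(dst, written, src[written])) written++;
    return written;
}

/* Constructed layout: an 8-byte name field followed by a one-byte privilege
   flag, the adjacency a classic overflow exploits. Input is 12 bytes of 'A'. */
enum { NAME_LEN = 8, FLAG_IDX = 8, REGION_LEN = 16 };
static const uint8_t oversized_input[12] = "AAAAAAAAAAAA";

/* Unchecked C: copying 12 bytes into the 8-byte field clobbers the flag. */
int demo_plain_flag(void) {
    uint8_t region[REGION_LEN] = {0};
    memcpy(region, oversized_input, sizeof oversized_input); /* within region[], so no UB */
    return region[FLAG_IDX];                                  /* 0x41: flag overwritten */
}

/* Capability-checked: the copy is bounded to the name field, so 8 bytes land
   and the flag byte is never touched. */
size_t demo_cap_written(void) {
    uint8_t region[REGION_LEN] = {0};
    cap_t whole = cap_make(region, REGION_LEN, CAP_PERM_LOAD | CAP_PERM_STORE);
    cap_t name  = cap_set_bounds(whole, NAME_LEN);
    return cap_copy(name, oversized_input, sizeof oversized_input);
}

int demo_cap_flag(void) {
    uint8_t region[REGION_LEN] = {0};
    cap_t name = cap_set_bounds(cap_make(region, REGION_LEN, CAP_PERM_STORE), NAME_LEN);
    cap_copy(name, oversized_input, sizeof oversized_input);
    return region[FLAG_IDX];                                  /* 0: untouched */
}

/* Monotonicity: a narrowed capability cannot be widened back to the region. */
bool demo_cannot_widen(void) {
    uint8_t region[REGION_LEN] = {0};
    cap_t name  = cap_set_bounds(cap_make(region, REGION_LEN, CAP_PERM_STORE), NAME_LEN);
    cap_t wider = cap_set_bounds(name, REGION_LEN);
    return !wider.tag;
}

/* Dropping STORE leaves a load-only capability: stores trap, loads still work. */
bool demo_readonly_rejects_store(void) {
    uint8_t region[REGION_LEN] = {0};
    cap_t ro = cap_and_perms(cap_make(region, REGION_LEN, CAP_PERM_LOAD | CAP_PERM_STORE),
                             CAP_PERM_LOAD);
    uint8_t v = 1;
    return !cap_store_u8(ro, 0, 1) && cap_load_u8(ro, 0, &v) && v == 0;
}
```

The point the model makes is the one the abstract states: with the copy going through a capability narrowed to the name field, the overflow is stopped at the bound rather than reaching the adjacent flag, and because narrowing and permission-dropping are one-way, code that was handed the narrowed capability cannot recover authority over the rest of the region.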

ARMv8-A System Semantics: Instruction Fetch in Relaxed Architectures [chapter]

Ben Simner, Shaked Flur, Christopher Pulte, Alasdair Armstrong, Jean Pichon-Pharabod, Luc Maranget, Peter Sewell
2020 Lecture Notes in Computer Science  
In this paper we establish a robust model for one aspect of system semantics: instruction fetch and cache maintenance for ARMv8-A.  ...  However, the system semantics, of instruction-fetch and cache maintenance, exceptions and interrupts, and address translation, remains obscure, leaving us without a solid foundation for verification of  ...  We also thank Hans Boehm, Stephen Kell, Jaroslav Ševčík, Ben Titzer, and Andrew Turner, for discussions of how instruction cache maintenance is used in practice, and Alastair Reid for comments on a draft  ... 
doi:10.1007/978-3-030-44914-8_23 fatcat:m7pft2sp25cpxetkcwxe2yf3c4

Engineering with Full-scale Formal Architecture: Morello, CHERI, Armv8-A, and RISC-V [article]

Peter Sewell, Ruzica Piskac, Michael W. Whalen
2021
This talk will describe our work to establish and use mechanised semantics for full-scale instruction-set architectures (ISAs): the mainstream Armv8-A architecture, the emerging RISC-V architecture, the  ...  CHERI-MIPS and CHERI-RISC-V research architectures that use hardware capabilities for improved security, and Arm's prototype Morello architecture, an industrial demonstrator incorporating the CHERI ideas  ...  and CHERI-MIPS test generation: Brian Campbell; for CHERI-MIPS verification: Kyndylan Nienhuis; for RISC-V and CHERI-RISC-V specifications: Robert M.  ... 
doi:10.34727/2021/isbn.978-3-85448-046-4_7 fatcat:pkfxiwrtcvcmvlxszpfphpvx24

Scalable validation of binary lifters

Sandeep Dasgupta, Sushant Dinesh, Deepan Venkatesh, Vikram S. Adve, Christopher W. Fletcher
2020 Proceedings of the 41st ACM SIGPLAN Conference on Programming Language Design and Implementation  
Second, I show that formal translation validation of single instructions for a complex ISA like x86-64 is not only practical but can be used as a building block for scalable full-program validation.  ...  Also, I illustrated potential applications of the semantics in different formal analyses, and discuss how it can be useful for processor verification.  ...  ARMv8-A, RISC-V, and CHERI-MIPS [128] , as well as the semantics of a small subset of x86 [129] .  ... 
doi:10.1145/3385412.3385964 dblp:conf/pldi/DasguptaDVAF20 fatcat:3khjl5gbmnetjay23fk3sc2ktu

Formal verification of spacecraft control programs (experience report)

Andrey Mokhov, Georgy Lukyanov, Jakob Lechner
2019 Proceedings of the 12th ACM SIGPLAN International Symposium on Haskell - Haskell 2019  
We present REDFIN, a processing core used in space missions, and its formal semantics expressed using the proposed metalanguage for state transformers, followed by examples of verification of simple control  ...  This experience report presents a verification approach designed to help spacecraft engineers reduce the effort required for formal verification of low-level control programs executed on custom hardware  ...  Acknowledgements We would like to thank Vitaly Bragilevsky, Neil Mitchell, Charles Morisset, Artem Pelenitsyn, Danil Sokolov, as well as the three Haskell Symposium reviewers for their helpful feedback  ... 
doi:10.1145/3331545.3342593 dblp:conf/haskell/MokhovLL19 fatcat:7igxehidsrgozfwizncaoizez4

Formal Verification of Spacecraft Control Programs

Georgy Lukyanov, Andrey Mokhov, Jakob Lechner
2020 ACM Transactions on Embedded Computing Systems  
We present REDFIN, a processing core used in space missions, and its formal semantics expressed using the proposed metalanguage for state transformers, followed by examples of verification of simple control  ...  This paper presents a verification approach designed to help spacecraft engineers reduce the effort required for formal verification of low-level control programs executed on custom hardware.  ...  ACKNOWLEDGEMENTS We would like to thank Vitaly Bragilevsky, Georgi Lyubenov, Neil Mitchell, Charles Morisset, Artem Pelenitsyn, Danil Sokolov, as well as the three Haskell Symposium reviewers for their  ... 
doi:10.1145/3391900 fatcat:gkvke6xhjrgexi6fl2u2vcstrm

PAC it up: Towards Pointer Integrity using ARM Pointer Authentication [article]

Hans Liljestrand, Thomas Nyman, Kui Wang, Carlos Chinea Perez, Jan-Erik Ekberg, N. Asokan
2019 arXiv pre-print
An example is the recently added support for pointer authentication (PA) in the ARMv8-A processor architecture, commonly used in devices like smartphones.  ...  ., C and C++) remain a prominent threat against computer systems.  ...  The authors thank Kostya Serebryany and Rémi Denis-Courmont for interesting discussions and Zaheer Gauhar for implementation assistance.  ... 
arXiv:1811.09189v4 fatcat:vscgjhjdmnbxlble56qebrnnxi

The Semantics of Multicopy Atomic ARMv8 and RISC-V

Christopher Pulte, Apollo-University Of Cambridge Repository, Peter Michael Sewell
2019
This thesis aims to provide a better understanding for the relaxed memory concurrency models of the architectures ARMv8, RISC-V, and (to a lesser degree) Power.  ...  Finally, in order to give a simpler explanation of the MCA ARMv8 and RISC-V concurrency models for programmers, we develop an equivalent operational concurrency model in a different style.  ...  Peter made time for me whenever I needed help, and provided patient support and valuable guidance, whether on the PhD work or anything else.  ... 
doi:10.17863/cam.39379 fatcat:f5ysq6gov5czpncokc33b7r3tu

SPECTECTOR: Principled Detection of Speculative Information Flows [article]

Marco Guarnieri, Boris Köpf, José F. Morales, Jan Reineke, Andrés Sánchez
2019 arXiv pre-print
Since the advent of SPECTRE, a number of countermeasures have been proposed and deployed.  ...  In this paper (1) we put forward speculative non-interference, the first semantic notion of security against speculative execution attacks, and (2) we develop SPECTECTOR, an algorithm based on symbolic  ...  Acknowledgments: We thank Roberto Giacobazzi, Matt Miller, and Matthew Parkinson for helpful discussions.  ... 
arXiv:1812.08639v2 fatcat:lxcjygadcbdlfmufnbsom7pif4