3 Hits in 1.8 sec

InSpectre: Breaking and Fixing Microarchitectural Vulnerabilities by Formal Analysis [article]

Roberto Guanciale and Musard Balliu and Mads Dam
2020 arXiv   pre-print
Such a model would be very useful, as it would allow the existence and non-existence of vulnerabilities, and soundness of countermeasures to be formally established.  ...  We use the model to elucidate the security of existing and new vulnerabilities, as well as to formally analyze the effectiveness of proposed countermeasures.  ...  InSpectre can help formalizing these hardware features and analyzing their security.  ... 
arXiv:1911.00868v2 fatcat:ckeq7eb5vzhuhodal3mdowk4bu

SoK: Practical Foundations for Software Spectre Defenses [article]

Sunjay Cauligi, Craig Disselkoen, Daniel Moghimi, Gilles Barthe, Deian Stefan
2022 arXiv   pre-print
As a result of our analysis, we suggest practical choices for developers of analysis and mitigation tools, and we identify several open problems in this area to guide future work on grounded software defenses  ...  To defend against Spectre, developers of verification tools and compiler-based mitigations are forced to reason about microarchitectural details such as speculative execution.  ...  We thank Matthew Kolosick for helping us understand some of the formal systems discussed and in organizing the paper. This work was supported in part by gifts from  ... 
arXiv:2105.05801v3 fatcat:456zmxojcbc2hllvattuuckhpu

Relational Models of Microarchitectures for Formal Security Analyses [article]

Nicholas Mosier, Hanna Lachnitt, Hamed Nemati, Caroline Trippel
2021 arXiv   pre-print
Second, we develop a static analysis tool based on LCMs which automatically identifies Spectre vulnerabilities in programs and scales to analyze realistic-sized codebases, like libsodium.  ...  and the microarchitecture it represents.  ...  ACKNOWLEDGEMENTS We would like to thank John Mitchell and Clark Barrett for their valuable discussions and feedback on this work.  ... 
arXiv:2112.10511v1 fatcat:ylcaex3mxfatrl2sezl5hl2iha