Title | : | Detecting and Localizing Timing Vulnerabilities in Microprocessors |
Speaker | : | Pallavi Borkar (IITM) |
Details | : | Tue, 7 Nov, 2023 12:00 PM @ SSB 334 |
Abstract | : | The evolution of computer architecture has significantly amplified the complexity of hardware design, introducing various security vulnerabilities within the hardware. The number of newly detected hardware vulnerabilities has increased from 3 vulnerabilities in 2012 to 92 in 2022. The vulnerabilities that exploit timing characteristics of the microarchitecture are of particular concern as they can leak sensitive information, undermining the entire system’s security. Existing strategies for detecting such timing vulnerabilities can neither identify their locations or root causes nor provide coverage feedback that gives the designer confidence in the processor’s security. We propose Meerkat, a timing vulnerability detection strategy that aims to detect and localize timing vulnerabilities in processors and evaluate the coverage of tested microarchitectural timing behaviors. Meerkat automatically extracts microarchitectural state transitions from a processor design at the register-transfer level (RTL) and instruments the design to monitor the state transitions as coverage. Moreover, Meerkat measures the time a design-under-test (DUT) takes to process tests, identifying any minor, abnormal variations that may hint at a timing vulnerability. We use Meerkat to detect 12 new timing vulnerabilities across advanced open-source RISC-V processors: BOOM, Rocket Core, and CVA6. Eight of these violate the zero latency requirements of the Zkt extension and are considered severe security vulnerabilities. Moreover, Meerkat also pinpoints the locations of the new and the existing vulnerabilities. |