Abstract
A transient fault is a temporary, one-time event that causes a change in state or erroneous signal transfer in a digital circuit. These faults do not cause permanent damage, but when they strike conventional processors, they may result in incorrect program execution. While detecting and correcting faults in first-order data may be accomplished relatively easily by adding redundancy, protecting against faults during control flow transfers is substantially more difficult. This paper analyzes the problem of maintaining the control-flow integrity of a program in the face of transient faults from a formal theoretical perspective. More specifically, we augment the operational semantics of an idealized assembly language with additional rules that model erroneous control-flow transfers. Next, we explain a strategy for detecting control-flow errors based on previous work by Oh [10] and Reis [15]. In order to reason about the correctness of the strategy relative to our fault model, we develop a new assembly-level type system designed to guarantee that any control flow transfer to an incorrect block will be caught before control leaves that block. The key technical result of the paper is a rigorous proof of this fundamental control-flow property for well-typed programs.
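The detection strategy sketched in the abstract is easiest to see on a toy machine. The following is an added example, not code from the Perry and Walker paper: it models the update-and-compare idea the abstract attributes to Oh's CFCSS and Reis's SWIFT on a tiny idealized assembly language. Each block carries a static signature, a run-time signature register G is folded with a transition value D that the source block set before jumping, and G is compared with the static signature of the block actually entered. The instruction set, block names, register names, the sample program and the fault-injection hook are all assumptions made for this illustration, and `well_formed` is only a sanity check, not the paper's type system.

```python
"""Signature-based control-flow checking on an idealized assembly language.

Added example, not code from the Perry and Walker paper.  The instruction
set, block names, register names and the fault hook are assumptions made
for this illustration of the CFCSS/SWIFT update-and-compare idea.
"""

TRANSFERS = ("jmp", "bnz", "halt")

# Constructed sample program: block name -> (static signature, body).
#   ("movi", r, k)      r := k          ("add", r, a, b)   r := a + b
#   ("subi", r, a, k)   r := a - k      ("jmp", L)         goto L
#   ("bnz", r, L1, L2)  goto L1 if r != 0 else L2          ("halt",)
# It sums the integers 1..n into r2, with n supplied in r1.  "junk" is
# never reached legitimately; it is a place a faulty jump might land.
PROGRAM = {
    "entry": (0x11, [("movi", "r2", 0), ("jmp", "loop")]),
    "loop":  (0x22, [("bnz", "r1", "body", "done")]),
    "body":  (0x33, [("add", "r2", "r2", "r1"), ("subi", "r1", "r1", 1),
                     ("jmp", "loop")]),
    "done":  (0x44, [("halt",)]),
    "junk":  (0x55, [("movi", "r2", 0), ("jmp", "done")]),
}


def well_formed(program):
    """Static sanity conditions the scheme relies on (not the paper's type
    system): distinct signatures, every transfer names a real block, and
    each block is straight-line code ending in exactly one transfer."""
    sigs = [sig for sig, _ in program.values()]
    if len(set(sigs)) != len(sigs):
        return False
    for _, body in program.values():
        if not body or body[-1][0] not in TRANSFERS:
            return False
        if any(ins[0] in TRANSFERS for ins in body[:-1]):
            return False
        last = body[-1]
        targets = {"jmp": last[1:2], "bnz": last[2:4], "halt": ()}[last[0]]
        if any(t not in program for t in targets):
            return False
    return True


def run(program, regs, fault=None, check=True, max_steps=10_000):
    """Execute from "entry".  fault=(n, L) makes the n-th control transfer
    (1-based) land at the start of block L instead of its intended target,
    modelling one transient fault on that jump.  Returns (regs, status)
    with status "halt" or "detected"."""
    regs = dict(regs)
    pc = "entry"
    G = program[pc][0]          # run-time signature; entry is trusted
    D = 0                       # transition value set by the source block
    transfers = steps = 0
    while True:
        # Block entry: fold in the transition the source block announced and
        # compare with the static signature of the block actually reached.
        G ^= D
        sig, body = program[pc]
        if check and G != sig:
            return regs, "detected"
        for ins in body:
            steps += 1
            if steps > max_steps:
                raise RuntimeError("step budget exceeded")
            op = ins[0]
            if op == "movi":
                regs[ins[1]] = ins[2]
            elif op == "add":
                regs[ins[1]] = regs[ins[2]] + regs[ins[3]]
            elif op == "subi":
                regs[ins[1]] = regs[ins[2]] - ins[3]
            elif op == "halt":
                return regs, "halt"
            else:
                if op == "jmp":
                    target = ins[1]
                else:  # bnz
                    target = ins[2] if regs[ins[1]] != 0 else ins[3]
                # The source block announces where it intends to go.
                D = sig ^ program[target][0]
                transfers += 1
                if fault is not None and fault[0] == transfers:
                    target = fault[1]   # the fault redirects this transfer
                pc = target
                break
        else:
            raise RuntimeError("block %s fell through without a transfer" % pc)


if __name__ == "__main__":
    print(run(PROGRAM, {"r1": 4}))                                  # halt, r2 = 10
    print(run(PROGRAM, {"r1": 4}, fault=(2, "junk")))               # detected
    print(run(PROGRAM, {"r1": 4}, fault=(2, "junk"), check=False))  # halt, r2 = 0 (silently wrong)
```

With `check=False` the faulted run halts normally with the wrong sum, which is the silent failure the scheme exists to prevent; with the check on, the same fault is caught at entry to the wrong block, before any of its instructions execute. The paper's theorem is the slightly weaker statement that an erroneous transfer is caught before control leaves the wrong block, which also covers placements of the comparison later in the block. A fault that happens to redirect a transfer to its intended target is indistinguishable from a correct run and is reported as one, and a fault that lands in the middle of a block, skipping the entry check, is outside this example's fault model.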
This research is funded in part by NSF award CNS-0627650 and a Microsoft graduate fellowship. We would like to thank Andrew Appel, David August, George Reis and Neil Vachharajani for many enlightening discussions on transient faults, hardware mechanisms and fault tolerance.
References
Abadi, M., Budiu, M., Erlingsson, Ú., Ligatti, J.: Control-flow integrity: Principles, implementations, and applications. In: ACM Conference on Computer and Communications Security (November 2005)
Abadi, M., Budiu, M.: A theory of secure control flow. In: International Conference on Formal Engineering Methods (November 2005)
Baumann, R.C.: Soft errors in advanced semiconductor devices, part I: the three radiation sources. IEEE Transactions on Device and Materials Reliability 1(1), 17–22 (2001)
Baumann, R.C.: Soft errors in commercial semiconductor technology: Overview and scaling trends. In: IEEE 2002 Reliability Physics Tutorial Notes, Reliability Fundamentals, pp. 121_01.1–121_01.14 (April 2002)
Borin, E., Wang, C., Wu, Y., Araujo, G.: Software-based transparent and comprehensive control-flow error detection. In: CGO 2006: Proceedings of the International Symposium on Code Generation and Optimization, Washington, DC, USA, pp. 333–345. IEEE Computer Society Press, Los Alamitos (2006)
Borkar, S.: Designing reliable systems from unreliable components: the challenges of transistor variability and degradation. In: IEEE Micro., vol. 25, pp. 10–16 (December 2005)
Elsman, M.: Fault-tolerant voting in a simply-typed lambda calculus. Technical Report ITU-TR-2007-99, IT University of Copenhagen, Rued Langgaards Vej 7, DK-2300 Copenhagen S, Denmark (June 2007)
Michalak, S.E., Harris, K.W., Hengartner, N.W., Takala, B.E., Wender, S.A.: Predicting the number of fatal soft errors in Los Alamos National Laboratory's ASC Q computer. IEEE Transactions on Device and Materials Reliability 5(3), 329–335 (2005)
O’Gorman, T.J., Ross, J.M., Taber, A.H., Ziegler, J.F., Muhlfeld, H.P., Montrose, I.C.J., Curtis, H.W., Walsh, J.L.: Field testing for cosmic ray soft errors in semiconductor memories. IBM Journal of Research and Development, 41–49 (January 1996)
Oh, N., Shirvani, P.P., McCluskey, E.J.: Control-flow checking by software signatures. IEEE Transactions on Reliability 51(1), 111–122 (March 2002)
Perry, F., Mackey, L., Reis, G.A., Ligatti, J., August, D.I., Walker, D.: Fault-tolerant typed assembly language. In: International Symposium on Programming Language Design and Implementation (PLDI) (June 2007)
Perry, F., Walker, D.: Reasoning about control flow in the presence of transient faults. Technical Report TR-799-07, Princeton University (2007)
Perry, F., Walker, D.: Reasoning about control flow in the presence of transient faults - online proof appendix (2007), Web site: http://www.cs.princeton.edu/sip/projects/zap/tal_cf/
Reinhardt, S.K., Mukherjee, S.S.: Transient fault detection via simultaneous multithreading. In: Proceedings of the 27th Annual International Symposium on Computer Architecture, pp. 25–36. ACM Press, New York (2000)
Reis, G.A., Chang, J., Vachharajani, N., Rangan, R., August, D.I.: SWIFT: Software implemented fault tolerance. In: Proceedings of the 3rd International Symposium on Code Generation and Optimization (March 2005)
Reis, G.A., Chang, J., Vachharajani, N., Rangan, R., August, D.I., Mukherjee, S.S.: Design and evaluation of hybrid fault-detection systems. In: Proceedings of the 32nd Annual International Symposium on Computer Architecture, pp. 148–159 (June 2005)
Shivakumar, P., Kistler, M., Keckler, S.W., Burger, D., Alvisi, L.: Modeling the effect of technology trends on the soft error rate of combinational logic. In: Proceedings of the 2002 International Conference on Dependable Systems and Networks, pp. 389–399 (June 2002)
Walker, D., Mackey, L., Ligatti, J., Reis, G., August, D.I.: Static typing for a faulty lambda calculus. In: ACM International Conference on Functional Programming, Portland, Oregon (September 2006)
© 2008 Springer-Verlag Berlin Heidelberg
Cite this paper
Perry, F., Walker, D. (2008). Reasoning about Control Flow in the Presence of Transient Faults. In: Alpuente, M., Vidal, G. (eds) Static Analysis. SAS 2008. Lecture Notes in Computer Science, vol 5079. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-69166-2_22
DOI: https://doi.org/10.1007/978-3-540-69166-2_22
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-69163-1
Online ISBN: 978-3-540-69166-2