research-article

IVEC: off-chip memory integrity protection for both security and reliability

Authors:
Ruirui Huang

Cornell University, Ithaca, NY, USA

Cornell University, Ithaca, NY, USA
View Profile

,
G. Edward Suh

Cornell University, Ithaca, NY, USA

Cornell University, Ithaca, NY, USA
View Profile

ISCA '10: Proceedings of the 37th annual international symposium on Computer architectureJune 2010Pages 395–406https://doi.org/10.1145/1815961.1816015

Published:19 June 2010Publication History

ISCA '10: Proceedings of the 37th annual international symposium on Computer architecture

Pages 395–406

ABSTRACT

This paper proposes a unified off-chip memory integrity protection scheme, named IVEC. Today, a system needs two independent mechanisms in order to protect the memory integrity from both physical attacks and random errors. Integrity verification schemes detect malicious tampering of memory while error correcting codes (ECC) detect and correct random errors. IVEC enables both detection of malicious attacks for security and correction of random errors for reliability at the same time by extending the integrity verification techniques. Analytical and experimental studies show that IVEC can correct single-bit errors and even multi-bit errors from one DRAM chip within a cache block read without any additional ECC bits, when the integrity verification is also required for security, effectively removing the memory and bandwidth overheads (12.5%) of typical ECC schemes. Alternatively, with parity bits, IVEC can provide even stronger error correction capabilities comparable to the traditional chip-kill correct, still with less overheads. For both cases, IVEC can use standard non-ECC DIMMs.

References

AMD. BIOS and kernel developer's guide for AMD NPT family 0Fh processors, July 2007. http://support.amd.com/us/Processor_TechDocs/32559.pdf.Google Scholar
E. R. Berlekamp. Algebraic Coding Theory, Revised Edition. 1984.Google Scholar
C. L. Chen. Error-correcting codes with byte error-detection capability. IEEE Trans. Comput., 32(7):615--621, 1983. Google ScholarDigital Library
CNNMoney.com. IBM launches new security technology, 2006. http://money.cnn.com/2006/04/10/technology/IBM_security/.Google Scholar
T. J. Dell. A white paper on the benefits of chipkill-correct ECC for PC server main memory. IBM Microelectronics, 1997.Google Scholar
A. Dutta and N. A. Touba. Multiple bit upset tolerant memory using a selective cycle avoidance based SEC-DED-DAEC code. VLSI Test Symposium, IEEE, 2007. Google ScholarDigital Library
M. Dworkin. Recommendation for block cipher modes of operation: Galois/counter mode(GCM) and GMAC, November 2007.Google Scholar
B. Gassend, G. E. Suh, D. Clarke, M. van Dijk, and S. Devadas. Caches and merkle trees for efficient memory integrity verification. In Proceedings of 9th International Symposium on High Performance Computer Architecture (HPCA), 2003. Google ScholarDigital Library
M. Hamada and E. Fujiwara. A class of error control codes for byte organized memory systems-sbec-(sb+s)ed codes-. IEEE Trans. Comput., 46(1):105--109, 1997. Google ScholarDigital Library
R. W. Hamming. Error detecting and correcting codes. Bell Systems Technical Journal, 29(2):147--163, 1950.Google ScholarCross Ref
J. L. Henning. SPEC CPU2000: Measuring CPU performance in the new millennium. IEEE Computer, July 2000. Google ScholarDigital Library
M. Y. Hsiao. A class of optimal minumum odd-weightcolumn SEC-DED codes. IBM Journal of Research and Developement, 14(4):395--401, 1970. Google ScholarDigital Library
A. Huang. Keeping secrets in hardware: The microsoft XboxTM case study. In CHES, volume 2523 of Lecture Notes in Computer Science, 2002. Google ScholarDigital Library
H. Krawczyk, M. Bellare, and R. Canetti. RFC 2104: HMAC: Keyed-Hashing for Message Authentication, Feb. 1997.Google Scholar
P. K. Lala. An adaptive double error corrrection scheme for semiconductor memory systems. Digital Processes, 4, 1978.Google Scholar
L. Li, V. Degalahal, N. Vijaykrishnan, M. Kandemir, and M. Irwini. Soft error and energy consumption interactions: A data cache perspective. Proceedings of International Symposium on Low Power Electronics and Design (ISLPED), August 2004. Google ScholarDigital Library
D. Locklear. Chipkill correct memory architecture. Dell Enterprise Systems Group technology brief, August 2000.Google Scholar
C.-K. Luk, R. Cohn, R. Muth, H. Patil, A. Klauser, G. Lowney, S. Wallace, V. J. Reddi, and K. Hazelwood. Pin: Building customized program analysis tools with dynamic instrumentation. In Proceedings of the 2005 Conference on Programming Language Design and Implementation International (PLDI), June 2005. Google ScholarDigital Library
J. Maiz, S. Hareland, K. Zhang, and P. Armstrong. Characterization of multi-bit soft error events in advanced SRAMs. In IEEE International Electron Devices Meeting, 2003.Google ScholarCross Ref
R. C. Merkle. Protocols for public key cryptography. In IEEE Symposium on Security and Privacy, 1980.Google Scholar
N. Nakka, Z. Kalbarczyk, R. K. Iyer, and J. Xu. An architectural framework for providing reliability and security support. In Proceedings of the 2004 International Conference on Dependable Systems and Networks (DSN), 2004. Google ScholarDigital Library
R. Naseer and J. Draper. Parallel double error correcting code design to mitigate multi-bit upsets in SRAMs. Solid-State Circuits Conference, 2008.Google ScholarCross Ref
NIST. FIPS PUB 180-1: Secure Hash Standard, April 1995.Google Scholar
NIST. FIPS PUB 180-2: Secure Hash Standard, August 2002.Google Scholar
K. Osada, K. Yamaguchi, Y. Saitoh, and T. Kawahara. SRAM immunity to cosmic-ray-induced multierrors based on analysis of an induced parasitic bipolar effect. Solid-State Circuits, IEEE Journal of, 39(5):827--833, May 2004.Google Scholar
E. Perelman, G. Hamerly, and B. Calder. Picking statistically valid and early simulation points. In Proceedings of the 12th International Conference on Parallel Architectures and Compilation Techniques (PACT), 2003. Google ScholarDigital Library
B. Rogers, S. Chhabra, M. Prvulovic, and Y. Solihin. Using address independent seed encryption and Bonsai merkle trees to make secure processors OSand performance-friendly. In Proceedings of the 40th Annual IEEE/ACM International Symposium on Microarchitecture, 2007. Google ScholarDigital Library
N. N. Sadler and D. J. Sorin. Choosing an error protection scheme for a microprocessor's L1 data cache. In Proceedings of International Conference on Computer Design (ICCD), 2006.Google ScholarCross Ref
B. Schroeder, E. Pinheiro, and W. Weber. DRAM errors in the wild: a large-scale field study. In ACM SIGMETRICS, pages 193--204, 2009. Google ScholarDigital Library
C. W. Slayman. Cache and memory error detection, correction, and reduction techniques for terrestrial servers and workstations. IEEE Transactions on Devices and Materials Reliability, 5(3), 2005.Google Scholar
Sun Microsystems Inc. OpenSPARC T2 System-On-Chip (SOC) microarchitecture specification, May 2008.Google Scholar
S. Vlaovic. TAXI: Trace analysis for x86 interpretation. In Proceedings of the 2002 IEEE International Conference on Computer Design, 2002. Google ScholarDigital Library
C. Yan, D. Englender, M. Prvulovic, B. Rogers, and Y. Solihin. Improving cost, performance, and security of memory encryption and authentication. In Proceedings of the 33rd International Symposium on Computer Architecture (ISCA), June 2006. Google ScholarDigital Library
D. Yoon and M. Erez. Memory mapped ECC: Low-cost error protection for last level caches. Proceedings of 36th International Symp Computer Architecture (ISCA), June 2009. Google ScholarDigital Library
D. H. Yoon and M. Erez. Virtualized and flexible ecc for main memory. In Proceedings of the 15th Architectural Support for Programming Languages and Operating Systems (ASPLOS), 2010. Google ScholarDigital Library

Index Terms

IVEC: off-chip memory integrity protection for both security and reliability
1. Hardware
  1. Hardware test
    1. Memory test and repair
  2. Robustness
    1. Fault tolerance
      1. Error detection and error correction

Recommendations

IVEC: off-chip memory integrity protection for both security and reliability
ISCA '10

This paper proposes a unified off-chip memory integrity protection scheme, named IVEC. Today, a system needs two independent mechanisms in order to protect the memory integrity from both physical attacks and random errors. Integrity verification schemes ...
Read More
Virtualized ECC: Flexible Reliability in Main Memory

Virtualized error checking and correcting (ECC) is a scheme that virtualizes memory-error correction. Unlike traditional uniform ECC, which provides a fixed level of error tolerance, virtualized ECC enables flexible memory protection by mapping ...
Read More
Virtualized and flexible ECC for main memory
ASPLOS XV: Proceedings of the fifteenth International Conference on Architectural support for programming languages and operating systems

We present a general scheme for virtualizing main memory error-correction mechanisms, which map redundant information needed to correct errors into the memory namespace itself. We rely on this basic idea, which increases flexibility to increase error ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in
ISCA '10: Proceedings of the 37th annual international symposium on Computer architecture
June 2010
520 pages
ISBN:9781450300537
DOI:10.1145/1815961
General Chair:
André Seznec
INRIA Rennes
,
Program Chairs:
Uri Weiser
Technion
,
Ronny Ronen
Intel
ACM SIGARCH Computer Architecture News Volume 38, Issue 3
ISCA '10
June 2010
508 pages
ISSN:0163-5964
DOI:10.1145/1816038
Issue’s Table of Contents
Copyright © 2010 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 19 June 2010
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
error correction
error detection
fault tolerance
memory systems
reliability
security
Qualifiers
- research-article
Conference

Acceptance Rates
Overall Acceptance Rate543of3,203submissions,17%
Upcoming Conference
ISCA '24

Sponsor:

sigarch

ISCA '24: The 51st Annual International Symposium on Computer Architecture

June 29 - July 3, 2024

Buenos Aires , Argentina
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 20
  Total Citations
  View Citations
- 959
  Total Downloads
- Downloads (Last 12 months)32
- Downloads (Last 6 weeks)2
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

IVEC: off-chip memory integrity protection for both security and reliability

ISCA '10: Proceedings of the 37th annual international symposium on Computer architecture

ABSTRACT

References

Cited By

Index Terms

Recommendations

IVEC: off-chip memory integrity protection for both security and reliability

Virtualized ECC: Flexible Reliability in Main Memory

Virtualized and flexible ECC for main memory