research-article

Cache side-channel attacks and time-predictability in high-performance critical real-time systems

Authors:

Carles Hernandez,

Francisco J. CazorlaAuthors Info & Claims

DAC '18: Proceedings of the 55th Annual Design Automation Conference

Article No.: 98, Pages 1 - 6

https://doi.org/10.1145/3195970.3196003

Published: 24 June 2018 Publication History

Abstract

Embedded computers control an increasing number of systems directly interacting with humans, while also manage more and more personal or sensitive information. As a result, both safety and security are becoming ubiquitous requirements in embedded computers, and automotive is not an exception to that. In this paper we analyze time-predictability (as an example of safety concern) and side-channel attacks (as an example of security issue) in cache memories. While injecting randomization in cache timing-behavior addresses each of those concerns separately, we show that randomization solutions for time-predictability do not protect against side-channel attacks and vice-versa. We then propose a randomization solution to achieve both safety and security goals.

References

[1]

J. Abella et al. 2015. WCET Analysis Methods: Pitfalls and Challenges on their Trustworthiness. In SIES.

[2]

O. Aciicmez et al. 2011. Method and system for securing instruction caches using substantially random instruction mapping scheme. (Nov. 8 2011). http://www.google.tl/patents/US8055848 US Patent 8,055,848.

[3]

I. Agirre et al. 2015. IEC-61508 SIL 3 Compliant Pseudo-Random Number Generators for Probabilistic Timing Analysis. In DSD.

Digital Library

[4]

V. Bene al. 1964. Optimal Rearrangeable Multistage Connecting Networks. In Bell System Technical Journal.

[5]

ARM. 2001. ARM920T Technical Reference Manual.

[6]

ARM. 2015. ARM Expects Vehicle Compute Performance to Increase 100x in Next Decade. Technical Report. ARM. https://www.arm.com/about/newsroom/arm-expects-vehicle-compute-performance-to-increase-100x-in-next-decade.php.

[7]

D.J. Bernstein. 2005. Cache-timing attacks on AES. In Tech. Rep.

[8]

J. Bonneau and I. Mironov. 2006. Cache-Collision Timing Attacks Against AES. In CHES.

Digital Library

[9]

G.E.P. Box and D.A. Pierce. 1970. Distribution of Residual Autocorrelations in Autoregressive-Integrated Moving Average Time Series Models. J. Amer. Statist. Assoc. (1970).

[10]

L. Cucu-Grosjean et al. 2012. Measurement-Based Probabilistic Timing Analysis for Multi-path Programs. In ECRTS.

Digital Library

[11]

L. Domnitser et al. 2012. Non-monopolizable caches: Low-complexity mitigation of cache side channel attacks. In ACM TACO.

Digital Library

[12]

Qian Ge et al. 2017. A Survey of Microarchitectural Timing Attacks and Counter-measures on Contemporary Hardware. In Journal of Cryptographic Engineering.

[13]

W. Feller. 1996. An introduction to Probability Theory and Its Applications.

[14]

M. Fernández et al. 2017. Probabilistic timing analysis on time-randomized platforms for the space domain. In DATE.

Digital Library

[15]

C. Hernandez et al. 2016. Random Modulo: a New Processor Cache Design for Real-Time Critical Systems. In DAC.

Digital Library

[16]

L. Kosmidis et al. 2013. A Cache Design for Probabilistically Analysable Real-time Systems. In DATE.

Digital Library

[17]

L. Kosmidis et al. 2016. Measurement-Based Timing Analysis of the AURIX Caches. In WCET Workshop.

[18]

F. Liu and R.B. Lee. 2014. Random Fill Cache Architecture. In MICRO.

Digital Library

[19]

E. Mezzetti and T. Vardanega. 2013. A rapid cache-aware procedure positioning optimization to favor incremental development. In RTAS.

Digital Library

[20]

M. Paolieri et al. 2009. Hardware Support for WCET Analysis of Hard Real-Time Multicore Systems. In ISCA.

Digital Library

[21]

M. Slijepcevic et al. 2014. Time-Analysable Non-Partitioned Shared Caches for Real-Time Multicore Systems. In DAC.

Digital Library

[22]

SoCLib. 2003-2012. -. (2003-2012). http://www.soclib.fr/trac/dev.

[23]

J. Szefer. 2016. Survey of Microarchtiectural Side and Covert Channels, Attacks and Defenses. In IACR Archive.

[24]

D. Trilla et al. 2016. Resilient Random Modulo Cache Memories for Probabilistically-Analyzable Real-Time Systems. In IOLTS.

[25]

Y. Tsunoo et al. 2003. Cryptoanalysis of DES implemented on computers with cache. In CHES.

[26]

http://www.gaisler.com/index.php/products/processors/leon3. {n. d.}. Leon3 Processor. Arerofiex Gaisler.

[27]

Z. Wang and R.B. Lee. 2007. New Cache Designs for Thwarting software Cache-based Side Channel Attacks. In ISCA.

Digital Library

[28]

Z. Wang and R.B. Lee. 2008. A Novel Cache Architecture with Enhanced Performance and Security. In MICRO.

Digital Library

[29]

F. Wartel et al. 2013. Timing Analysis of an Avionics Case Study on Complex Hardware/Software Platforms. In SIES.

Digital Library

Cited By

Zhang JChen CCui JLi K(2024)Timing Side-Channel Attacks and Countermeasures in CPU MicroarchitecturesACM Computing Surveys10.1145/3645109Online publication date: 7-Feb-2024
https://doi.org/10.1145/3645109
Stegmeier AKnauer PSchubaur PPiatka CMerli DAltmeyer S(2024)Safe and Secure? On the Timing Analysability of Cryptographic Implementations2024 IEEE 30th Real-Time and Embedded Technology and Applications Symposium (RTAS)10.1109/RTAS61025.2024.00014(68-80)Online publication date: 13-May-2024
https://doi.org/10.1109/RTAS61025.2024.00014
Buyuktosunoglu ATrilla DAbali BBerger DWalters CLee J(2024)Enterprise-Class Cache Compression Design2024 IEEE International Symposium on High-Performance Computer Architecture (HPCA)10.1109/HPCA57654.2024.00080(996-1011)Online publication date: 2-Mar-2024
https://doi.org/10.1109/HPCA57654.2024.00080
Show More Cited By

Recommendations

New cache designs for thwarting software cache-based side channel attacks
ISCA '07: Proceedings of the 34th annual international symposium on Computer architecture

Software cache-based side channel attacks are a serious new class of threats for computers. Unlike physical side channel attacks that mostly target embedded cryptographic devices, cache-based side channel attacks can also undermine general purpose ...
A Survey of Microarchitectural Side-channel Vulnerabilities, Attacks, and Defenses in Cryptography
Invited Tutorial

Side-channel attacks have become a severe threat to the confidentiality of computer applications and systems. One popular type of such attacks is the microarchitectural attack, where the adversary exploits the hardware features to break the protection ...
How secure is your cache against side-channel attacks?
MICRO-50 '17: Proceedings of the 50th Annual IEEE/ACM International Symposium on Microarchitecture

Security-critical data can leak through very unexpected side channels, making side-channel attacks very dangerous threats to information security. Of these, cache-based side-channel attacks are some of the most problematic. This is because caches are ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

DAC '18: Proceedings of the 55th Annual Design Automation Conference

June 2018

1089 pages

ISBN:9781450357005

DOI:10.1145/3195970

Copyright © 2018 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

EDAC: Electronic Design Automation Consortium
SIGDA: ACM Special Interest Group on Design Automation
IEEE Council on Electronic Design Automation (CEDA)

In-Cooperation

SIGBED: ACM Special Interest Group on Embedded Systems

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 24 June 2018

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

Spanish Ministry of Science and Innovation

Conference

DAC '18

Sponsor:

EDAC
SIGDA

DAC '18: The 55th Annual Design Automation Conference 2018

June 24 - 29, 2018

California, San Francisco

Acceptance Rates

Overall Acceptance Rate 1,770 of 5,499 submissions, 32%

Upcoming Conference

DAC '25

Sponsor:
sigda

62nd ACM/IEEE Design Automation Conference

June 22 - 26, 2025

San Francisco , CA , USA

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

10
Total Citations
View Citations
456
Total Downloads

Downloads (Last 12 months)35
Downloads (Last 6 weeks)2

Reflects downloads up to 03 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Zhang JChen CCui JLi K(2024)Timing Side-Channel Attacks and Countermeasures in CPU MicroarchitecturesACM Computing Surveys10.1145/3645109Online publication date: 7-Feb-2024
https://doi.org/10.1145/3645109
Stegmeier AKnauer PSchubaur PPiatka CMerli DAltmeyer S(2024)Safe and Secure? On the Timing Analysability of Cryptographic Implementations2024 IEEE 30th Real-Time and Embedded Technology and Applications Symposium (RTAS)10.1109/RTAS61025.2024.00014(68-80)Online publication date: 13-May-2024
https://doi.org/10.1109/RTAS61025.2024.00014
Buyuktosunoglu ATrilla DAbali BBerger DWalters CLee J(2024)Enterprise-Class Cache Compression Design2024 IEEE International Symposium on High-Performance Computer Architecture (HPCA)10.1109/HPCA57654.2024.00080(996-1011)Online publication date: 2-Mar-2024
https://doi.org/10.1109/HPCA57654.2024.00080
Giner LSteinegger SPurnal AEichlseder MUnterluggauer TMangard SGruss D(2023)Scatter and Split Securely: Defeating Cache Contention and Occupancy Attacks2023 IEEE Symposium on Security and Privacy (SP)10.1109/SP46215.2023.10179440(2273-2287)Online publication date: May-2023
https://doi.org/10.1109/SP46215.2023.10179440
Holtryd NManivannan MStenström P(2023)SoK: Analysis of Root Causes and Defense Strategies for Attacks on Microarchitectural Optimizations2023 IEEE 8th European Symposium on Security and Privacy (EuroS&P)10.1109/EuroSP57164.2023.00044(631-650)Online publication date: Jul-2023
https://doi.org/10.1109/EuroSP57164.2023.00044
Escouteloup MLashermes RFournier JLanet J(2022)Under the Dome: Preventing Hardware Timing Information LeakageSmart Card Research and Advanced Applications10.1007/978-3-030-97348-3_13(233-253)Online publication date: 9-Mar-2022
https://doi.org/10.1007/978-3-030-97348-3_13
Luna RIslam S(2021)Security and Reliability of Safety-Critical RTOSSN Computer Science10.1007/s42979-021-00753-y2:5Online publication date: 25-Jun-2021
https://doi.org/10.1007/s42979-021-00753-y
Guha KSaha SChakrabarti AGuha KSaha SChakrabarti A(2021)Introduction to Hardware Security for FPGA Based SystemsSelf Aware Security for Real Time Task Schedules in Reconfigurable Hardware Platforms10.1007/978-3-030-79701-0_4(69-89)Online publication date: 24-Aug-2021
https://doi.org/10.1007/978-3-030-79701-0_4
Mosquera FGulur NKavi KMehta GSun H(2020)CHASM: Security Evaluation of Cache Mapping SchemesEmbedded Computer Systems: Architectures, Modeling, and Simulation10.1007/978-3-030-60939-9_17(245-261)Online publication date: 7-Oct-2020
https://doi.org/10.1007/978-3-030-60939-9_17
Werner MUnterluggauer TGiner LSchwarz MGruss DMangard SHeninger NTraynor P(2019)SCATTERCACHEProceedings of the 28th USENIX Conference on Security Symposium10.5555/3361338.3361385(675-692)Online publication date: 14-Aug-2019
https://dl.acm.org/doi/10.5555/3361338.3361385

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten