Dr. Jakub Szefer and Shuwen Deng
Recently, a set of new security threats abusing operation of the processor frontend has been publicized in top architecture conferences, including ISCA 2021, MICRO 2021, and the upcoming HPCA 2022. The new, previously not considered threats target the processor frontend which is composed of the Micro-Instruction Translation Engine (MITE), Decode Stream Buffer (DSB), also called the Micro-op Cache, and Loop Stream Detector (LSD). Processors from major vendors are currently known to be vulnerable to these threats. With the quickly evolving state-of-the-art processor frontend security, this seminar aims to give an up-to-date and concise introduction to the processor frontend and the security issues it brings about. The root causes of the security threats are the multiple paths in the processor frontend that the micro-ops can take while being decoded: through the MITE, DSB (also called the Micro-op Cache), or through the LSD. Each path has its own unique timing and power signatures, which lead to the new types of side- and covert- channel attacks, which this seminar will overview. The new threats are especially stealthy as they bypass many existing defenses such as hardware defenses for the caches. The new attacks happen before or while the instructions are decoded into micro-ops while majority of the existing, well-known attacks has focused on the operation of the processor backend. Moreover, the new security threats are not limited to multi-threading, and researchers have shown ways for leaking execution information of SGX enclaves or different, new variants of Spectre attacks, for example. The seminar will end by covering potential defenses to these new types of threats and highlight research challenges in creating secure processors.
Intended Learning Outcomes (ILOs):
Upon the completion of this webinar, trainees should be able to:
- Understand architectures of modern processor frontends
- Understand designs of Micro Instruction Translation Engine (MITE), Decode Stream Buffer (DSB), also called the Micro-op Cache, and Loop Stream Detector (LSD)
- Understand new, recently presented covert- and side-channel attacks leveraging the processor frontend components
- Understand possible defenses for the recently presented processor frontend attacks
Design engineers, senior undergraduate students, graduate students, and decision-makers who are interested in understanding the sources of security attacks on modern computer processors, and research challenges which they bring about.
Dr. Jakub Szefer’s research focuses on computer architecture and hardware security. His research encompasses secure processor architectures, cloud security, FPGA attacks and defenses, and hardware FPGA implementation of cryptographic algorithms. His research is supported through National Science Foundation and industry grants and donations. He is currently an Associate Professor of Electrical Engineering at Yale University, where he leads the Computer Architecture and Security Laboratory (CASLAB). Prior to joining Yale, he received Ph.D. and M.A. degrees in Electrical Engineering from Princeton University, and B.S. degree with highest honors in Electrical and Computer Engineering from University of Illinois at Urbana-Champaign. He has received the NSF CAREER award in 2017. Jakub is the author of first book focusing on processor architecture security: “Principles of Secure Processor Architecture Design”, published in 2018. Recently, he has been promoted to the IEEE Senior Member rank in 2019. Details of Jakub’s research can be found at: https://caslab.csl.yale.edu/~jakubS
Shuwen Deng is a final-year Ph.D. candidate at Yale University. Her research interests span computer architecture and security. Especially, she focuses on developing and verifying secure processor microarchitectures by developing side-channel vulnerability checking schemes, as well as proposing tools for developing practical and scalable security hardware architectural defenses. She is also interested in security verification. She is the recipient of the 2020 Google Fellowship in Privacy and Security and a Elihu Elias Dickerman Fellowship. She is currently on the job market.