
      Covert channels are communication channels that a supervisor cannot observe or control. Timing channels are covert channels that exploit timing interferences caused by competition for shared microarchitectural resources, such as caches, buffers, and branch predictors. For instance, timing channels can be used to extract secrets as part of a microarchitectural speculation attack, such as Spectre-like attacks.

      To prevent timing channels, shared hardware resources must be strictly partitioned between isolated applications. The Timing Fences Task Group will propose a small ISA extension to enable such partitioning of shared microarchitectural states. For instance, we will introduce a temporal fence instruction that can be used to temporally partition shared on-core microarchitectural states by clearing them, e.g., when switching between isolated applications.
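The effect of clearing shared state at a domain switch can be seen in a toy model. This is an added example, not code from the task group: the direct-mapped cache, the latency values, and the `temporal_fence` method are hypothetical stand-ins, since the page does not name the instruction.

```python
# Toy model, constructed for illustration: one direct-mapped cache shared by
# two isolated domains that are time-multiplexed on a single core.
HIT, MISS = 1, 10      # assumed access latencies in cycles
NUM_SETS = 8           # assumed cache geometry


class SharedCache:
    def __init__(self):
        self.tags = [None] * NUM_SETS          # one line per set

    def access(self, domain, addr):
        """Return the latency of an access and install the line."""
        index = addr % NUM_SETS
        tag = (domain, addr // NUM_SETS)
        latency = HIT if self.tags[index] == tag else MISS
        self.tags[index] = tag
        return latency

    def temporal_fence(self):
        """Hypothetical stand-in for the proposed fence: reset on-core state."""
        self.tags = [None] * NUM_SETS


def run_channel(secret_bits, fence_on_switch):
    """Return the probe latencies one domain observes after the other runs.

    The observing domain fills set 0, the other domain touches set 0 only
    when its secret bit is 1, and the observer then times a reload.
    """
    cache, observed = SharedCache(), []
    for bit in secret_bits:
        cache.access("receiver", 0)            # fill set 0
        if fence_on_switch:                    # switch: receiver -> sender
            cache.temporal_fence()
        if bit:
            cache.access("sender", 0)          # secret-dependent contention
        if fence_on_switch:                    # switch: sender -> receiver
            cache.temporal_fence()
        observed.append(cache.access("receiver", 0))
    return observed


def leaked_bits(secret_bits, fence_on_switch):
    """Interpret latencies as the observer would: a slow reload reads as 1."""
    return [int(t == MISS) for t in run_channel(secret_bits, fence_on_switch)]
```

Without the fence the observed latencies reproduce the secret bit for bit; with the fence every reload misses, so the trace is identical for any secret.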

      The proposed RISC-V Timing Fences TG will collaborate to produce:

      • A small ISA extension (possibly no more than one or two instructions, or only a new CSR).
      • A non-normative short guide: defining threat models, developing rationale, etc.
      • A proof-of-concept implementation, including both a prototype RISC-V core and a compiler that manages the necessary intrinsics.
      • A test strategy guide, including a test suite for common covert channels.
      • The Sail model corresponding to this extension.

      The TG will work with the appropriate Priv/Unpriv ISA committee, Architecture Review Committee, and Security HC.

            rsene Rafael Sene