Systematic Prevention of On-Core Timing Channels by Full Temporal Partitioning
- URL: http://arxiv.org/abs/2202.12029v2
- Date: Mon, 13 Oct 2025 16:32:37 GMT
- Title: Systematic Prevention of On-Core Timing Channels by Full Temporal Partitioning
- Authors: Nils Wistoff, Moritz Schneider, Frank K. Gürkaynak, Gernot Heiser, Luca Benini
- Abstract summary: We introduce the temporal fence instruction fence.t, which provides the required mechanisms by clearing vulnerable microarchitectural state. We implement fence.t on an experimental version of the seL4 microkernel and CVA6, an open-source, in-order, application-class, 64-bit RISC-V core. We find that a complete, systematic, ISA-supported erasure of all non-architectural core components is the most effective implementation.
- Score: 13.313360308792198
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: Microarchitectural timing channels enable unwanted information flow across security boundaries, violating fundamental security assumptions. They leverage timing variations of several state-holding microarchitectural components and have been demonstrated across instruction set architectures and hardware implementations. Analogously to memory protection, Ge et al. have proposed time protection for preventing information leakage via timing channels. They also showed that time protection calls for hardware support. This work leverages the open and extensible RISC-V instruction set architecture (ISA) to introduce the temporal fence instruction fence.t, which provides the required mechanisms by clearing vulnerable microarchitectural state and guaranteeing a history-independent context-switch latency. We propose and discuss three different implementations of fence.t and implement them on an experimental version of the seL4 microkernel and CVA6, an open-source, in-order, application class, 64-bit RISC-V core. We find that a complete, systematic, ISA-supported erasure of all non-architectural core components is the most effective implementation while featuring a low implementation effort, a minimal performance overhead of less than 1%, and negligible hardware costs.
Related papers
- Boosting Device Utilization in Control Flow Auditing [47.36491265793223]
Control Flow Auditing (CFAud) is a mechanism wherein a remote verifier (Vrf) is guaranteed to receive evidence about the control flow path taken on a prover (Prv) MCU, even when Prv software is compromised. Current CFAud requires a "busy-wait" phase in which a hardware-anchored root of trust (RoT) in Prv retains execution to ensure delivery of control flow evidence to Vrf. CARAMEL is a hardware RoT co-design that enables Prv to resume while control flow evidence is transmitted to Vrf.
arXiv Detail & Related papers (2026-03-02T18:26:17Z)
- Blockchain-Enabled Routing for Zero-Trust Low-Altitude Intelligent Networks [77.17664010626726]
We focus on routing with multiple UAV clusters in low-altitude intelligent networks (LAINs). To minimize the damage caused by potential threats, we present a zero-trust architecture based on the software-defined perimeter and blockchain techniques. We show that the proposed framework reduces the average E2E delay by 59% and improves the TSR by 29% on average compared to benchmarks.
arXiv Detail & Related papers (2026-02-27T04:30:35Z)
- CaMeLs Can Use Computers Too: System-level Security for Computer Use Agents [60.98294016925157]
AI agents are vulnerable to prompt injection attacks, where malicious content hijacks agent behavior to steal credentials or cause financial loss. We introduce Single-Shot Planning for CUAs, where a trusted planner generates a complete execution graph with conditional branches before any observation of potentially malicious content. Although this architectural isolation successfully prevents instruction injections, we show that additional measures are needed to prevent Branch Steering attacks.
arXiv Detail & Related papers (2026-01-14T23:06:35Z)
- Variable Record Table: A Unified Hardware-Assisted Framework for Runtime Security [0.0]
This paper presents a Variable Record Table (VRT) with a unified hardware-assisted framework. VRT enforces spatial memory safety against buffer overflows, back-edge control-flow integrity (CFI), and speculative execution attack detection.
arXiv Detail & Related papers (2025-12-14T07:04:49Z)
- Towards a Multi-Layer Defence Framework for Securing Near-Real-Time Operations in Open RAN [4.240433132593161]
Securing the near-real-time (near-RT) control operations in Open Radio Access Networks (Open RAN) is increasingly critical. New runtime threats target the control loop while the system is operational. We propose a multi-layer defence framework designed to enhance the security of near-RT RAN Intelligent Controller (RIC) operations.
arXiv Detail & Related papers (2025-12-01T12:13:32Z)
- Secure Tug-of-War (SecTOW): Iterative Defense-Attack Training with Reinforcement Learning for Multimodal Model Security [63.41350337821108]
We propose Secure Tug-of-War (SecTOW) to enhance the security of multimodal large language models (MLLMs). SecTOW consists of two modules: a defender and an auxiliary attacker, both trained iteratively using reinforcement learning (GRPO). We show that SecTOW significantly improves security while preserving general performance.
arXiv Detail & Related papers (2025-07-29T17:39:48Z)
- Provable Execution in Real-Time Embedded Systems [8.816934283264633]
We develop the Provable Execution Architecture for Real-Time Systems (PEARTS). PEARTS is the first PoX system that can be directly deployed alongside a commodity embedded real-time operating system (FreeRTOS).
arXiv Detail & Related papers (2025-05-20T02:31:13Z)
- ACRIC: Securing Legacy Communication Networks via Authenticated Cyclic Redundancy Integrity Check [98.34702864029796]
Recent security incidents in safety-critical industries exposed how the lack of proper message authentication enables attackers to inject malicious commands or alter system behavior. These shortcomings have prompted new regulations that emphasize the pressing need to strengthen cybersecurity. We introduce ACRIC, a message authentication solution to secure legacy industrial communications.
arXiv Detail & Related papers (2024-11-21T18:26:05Z)
- fence.t.s: Closing Timing Channels in High-Performance Out-of-Order Cores through ISA-Supported Temporal Partitioning [12.777720034988473]
This work explores challenges with fence.t in superscalar out-of-order cores featuring large and pervasive microarchitectural state. We propose a novel SW-supported temporal fence (fence.t.s) which reuses existing mechanisms and supports advanced microarchitectural features.
arXiv Detail & Related papers (2024-09-11T19:06:03Z)
- Securing the Open RAN Infrastructure: Exploring Vulnerabilities in Kubernetes Deployments [60.51751612363882]
We investigate the security implications of software-based Open Radio Access Network (RAN) systems. We highlight the presence of potential vulnerabilities and misconfigurations in the infrastructure supporting the Near Real-Time RAN Intelligent Controller (RIC) cluster.
arXiv Detail & Related papers (2024-05-03T07:18:45Z)
- Fight Hardware with Hardware: System-wide Detection and Mitigation of Side-Channel Attacks using Performance Counters [45.493130647468675]
We present a kernel-level infrastructure that allows system-wide detection of malicious applications attempting to exploit cache-based side-channel attacks. This infrastructure relies on hardware performance counters to collect information at runtime from all applications running on the machine. High-level detection metrics are derived from these measurements to maximize the likelihood of promptly detecting a malicious application.
arXiv Detail & Related papers (2024-02-18T15:45:38Z)
- HasTEE+ : Confidential Cloud Computing and Analytics with Haskell [50.994023665559496]
Confidential computing enables the protection of confidential code and data in a co-tenanted cloud deployment using specialized hardware isolation units called Trusted Execution Environments (TEEs). TEEs offer low-level C/C++-based toolchains that are susceptible to inherent memory safety vulnerabilities and lack language constructs to monitor explicit and implicit information-flow leaks. We address the above with HasTEE+, a domain-specific language (DSL) embedded in Haskell that enables programming TEEs in a high-level language with strong type safety.
arXiv Detail & Related papers (2024-01-17T00:56:23Z)
- Proving the Absence of Microarchitectural Timing Channels [0.6282171844772422]
A set of OS mechanisms called time protection was recently proposed as a principled way of preventing information leakage through microarchitectural timing channels. We formalise time protection and the underlying hardware mechanisms in a way that allows linking them to the information-flow proofs that showed the absence of storage channels in seL4.
arXiv Detail & Related papers (2023-10-25T22:52:37Z)
- A Scalable Formal Verification Methodology for Data-Oblivious Hardware [3.518548208712866]
We propose a novel methodology to formally verify data-oblivious behavior in hardware using standard property checking techniques. We show that proving this inductive property is sufficient to exhaustively verify data-obliviousness at the microarchitectural level. One case study uncovered a data-dependent timing violation in the extensively verified and highly secure IBEX RISC-V core.
arXiv Detail & Related papers (2023-08-15T13:19:17Z)
- Citadel: Simple Spectre-Safe Isolation For Real-World Programs That Share Memory [8.414722884952525]
We introduce a new security property we call relaxed microarchitectural isolation (RMI). RMI allows sensitive programs that are not constant-time to share memory with an attacker while restricting the information leakage to that of non-speculative execution. Our end-to-end prototype, Citadel, consists of an FPGA-based multicore processor that boots Linux and runs secure applications.
arXiv Detail & Related papers (2023-06-26T17:51:23Z)
- Safe RAN control: A Symbolic Reinforcement Learning Approach [62.997667081978825]
We present a Symbolic Reinforcement Learning (SRL) based architecture for safety control of Radio Access Network (RAN) applications. We provide a purely automated procedure in which a user can specify high-level logical safety specifications for a given cellular network topology. We introduce a user interface (UI) developed to help a user set intent specifications for the system and inspect the differences in agent-proposed actions.
arXiv Detail & Related papers (2021-06-03T16:45:40Z)
This list is automatically generated from the titles and abstracts of the papers in this site.