Hardware Support for Safety Interlocks and Introspection

Udit Dhawan; Albert Kwon; Edin Kadric; Catalin Hritcu; Benjamin C. Pierce; Jonathan M. Smith; Andre DeHon; Gregory Malecha; Greg Morrisett; Thomas F. Knight; Andrew Sutherland; Tom Hawkins; Amanda Zyxnfryx; David Wittenberg; Peter Trei; Sumit Ray; Greg Sullivan

doi:10.1109/SASOW.2012.11

Conference proceeding

Hardware Support for Safety Interlocks and Introspection

Udit Dhawan, Albert Kwon, Edin Kadric, Catalin Hritcu, Benjamin C. Pierce, Jonathan M. Smith, Andre DeHon, Gregory Malecha, Greg Morrisett, Thomas F. Knight, …

2012 IEEE SIXTH INTERNATIONAL CONFERENCE ON SELF-ADAPTIVE AND SELF-ORGANIZING SYSTEMS WORKSHOPS (SASOW), pp.1-8

International Conference on Self-Adaptive and Self-Organizing Systems

01/01/2012

DOI: 10.1109/SASOW.2012.11

View Online

Abstract

Hardware interlocks that enforce semantic invariants and allow fine-grained privilege separation can be built with reasonable costs given modern semiconductor technology. In the common error-free case, these mechanisms operate largely in parallel with the intended computation, monitoring the semantic intent of the computation on an operation-by-operation basis without sacrificing cycles to perform security checks. We specifically explore five mechanisms: (1) pointers with manifest bounds (fat pointers), (2) hardware types (atomic groups), (3) processor-supported authority, (4) authority-changing procedure calls (gates), and (5) programmable metadata validation and propagation (tags and dynamic tag management). These mechanisms allow the processor to continuously introspect on its operation, efficiently triggering software handlers on events that require logging, merit sophisticated inspection, or prompt adaptation. We present results from our prototype FPGA implementation of a processor that incorporates these mechanisms, quantifying the logic, memory, and latency requirements. We show that the dominant cost is the wider memory necessary to hold our metadata (the atomic groups and programmable tags), that the added logic resources make up less than 20% of the area of the processor, that the concurrent checks do not degrade processor cycle time, and that the tag cache is comparable to a small L1 data cache.

Computer Science

Technology

Computer Science, Hardware & Architecture

Computer Science, Theory & Methods

Science & Technology

Details

Title: Subtitle: Hardware Support for Safety Interlocks and Introspection
Creators: Udit Dhawan - University of Pennsylvania
Albert Kwon - University of Pennsylvania
Edin Kadric - University of Pennsylvania
Catalin Hritcu - University of Pennsylvania
Benjamin C. Pierce - University of Pennsylvania
Jonathan M. Smith - Univ Penn, Dept Elect & Syst Engn, Philadelphia, PA 19104 USA
Andre DeHon - University of Pennsylvania
Gregory Malecha - Harvard University
Greg Morrisett - Harvard University
Thomas F. Knight - BAE Syst, Adv Informat Technol, Burlington, MA USA
Andrew Sutherland - Adv. Inf. Technol., BAE Syst., Burlington, MA, USA
Tom Hawkins - Adv. Inf. Technol., BAE Syst., Burlington, MA, USA
Amanda Zyxnfryx - Adv. Inf. Technol., BAE Syst., Burlington, MA, USA
David Wittenberg - Adv. Inf. Technol., BAE Syst., Burlington, MA, USA
Peter Trei - Adv. Inf. Technol., BAE Syst., Burlington, MA, USA
Sumit Ray - Adv. Inf. Technol., BAE Syst., Burlington, MA, USA
Greg Sullivan - Adv. Inf. Technol., BAE Syst., Burlington, MA, USA
Resource Type: Conference proceeding
Publication Details: 2012 IEEE SIXTH INTERNATIONAL CONFERENCE ON SELF-ADAPTIVE AND SELF-ORGANIZING SYSTEMS WORKSHOPS (SASOW), pp.1-8
Publisher: IEEE
Series: International Conference on Self-Adaptive and Self-Organizing Systems
DOI: 10.1109/SASOW.2012.11
ISSN: 1949-3673
Number of pages: 8
Grant note: FA8650-10-C-7090 / DARPA CRASH program through the United States Air Force Research Laboratory (AFRL)
Language: English
Date published: 01/01/2012
Academic Unit: English; Cinematic Arts
Record Identifier: 9984397927702771

Metrics

3 Record Views

6 Times Cited - Web of Science