Skip to main content
Book cover

International Symposium on Formal Methods

FM 2021: Formal Methods pp 43–60Cite as

Verifying Secure Speculation in Isabelle/HOL

Part of the Lecture Notes in Computer Science book series (LNPSE,volume 13047)

Abstract

Secure speculation is an information flow security hyperproperty that prevents transient execution attacks such as Spectre, Meltdown and Foreshadow. Generic compiler mitigations for secure speculation are known to be insufficient for eliminating vulnerabilities. Moreover, these mitigation techniques often overprescribe speculative fences, causing the performance of the programs to suffer. Recently Cheang et al. have developed an operational semantics of program execution capable of characterising speculative executions as well as a new class of information flow hyperproperties named TPOD that ensure secure speculation. This paper presents a framework for verifying TPOD using the Isabelle/HOL proof assistant by encoding the operational semantics of Cheang et al. We provide translation tools for automatically generating the required Isabelle/HOL theory templates from a C-like program syntax, which speeds up verification. Our framework is capable of proving the existence of vulnerabilities and correctness of secure speculation. We exemplify our framework by proving the existence of secure speculation bugs in 15 victim functions for the MSVC compiler as well as correctness of some proposed fixes.

Keywords

  • Isabelle/HOL
  • Secure speculation
  • Formal verification
  • Spectre
  • Transient execution vulnerabilities
  • Hyperproperties

Griffin is supported by funding from Amazon. Dongol is supported by EPSRC grants EP/V038915/1, EP/R032556/1, EP/R025134/2, VeTSS and ARC Discovery Grant DP190102142.

This is a preview of subscription content, access via your institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • DOI: 10.1007/978-3-030-90870-6_3
  • Chapter length: 18 pages
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
eBook
USD   89.00
Price excludes VAT (USA)
  • ISBN: 978-3-030-90870-6
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
Softcover Book
USD   119.99
Price excludes VAT (USA)
Learn about institutional subscriptions
Fig. 1.
Fig. 2.
Fig. 3.
Fig. 4.
Fig. 5.

Notes

  1. 1.

    BIL is an assembly intermediate language [1].

  2. 2.

    For this to be exploited we must have already “poisoned” the cache [18]. In this paper, assume cache poisoning to have occurred prior to execution of each program.

  3. 3.

    BIL is an assembly intermediate language [1]. In general, we must reason about secure speculation in assembly language since compilers may optimise branch statements in high-level languages.

  4. 4.

    Technically speaking, the value being accessed is the transformed value v * 512.

References

  1. Brumley, D., Jager, I., Avgerinos, T., Schwartz, E.J.: BAP: a binary analysis platform. In: Gopalakrishnan, G., Qadeer, S. (eds.) Computer Aided Verification, CAV 2011. LNCS, vol. 6806, pp. 463–469. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-22110-1_37

  2. Bulck, J.V., et al.: Foreshadow: extracting the keys to the Intel SGX kingdom with transient out-of-order execution. In: Enck, W., Felt, A.P. (eds.) USENIX Security Symposium, pp. 991–1008. USENIX Association (2018). https://www.usenix.org/conference/usenixsecurity18/presentation/bulck

  3. Canella, C., et al.: Fallout: leaking data on meltdown-resistant CPUs. In: Cavallaro, L., Kinder, J., Wang, X., Katz, J. (eds.) CCS, pp. 769–784. ACM (2019). https://doi.org/10.1145/3319535.3363219

  4. Cauligi, S., et al.: Constant-time foundations for the new spectre era. In: Donaldson, A.F., Torlak, E. (eds.) PLDI, pp. 913–926. ACM (2020). https://doi.org/10.1145/3385412.3385970

  5. Cheang, K., Rasmussen, C., Seshia, S.A., Subramanyan, P.: A formal approach to secure speculation. In: CSF, pp. 288–303. IEEE (2019). https://doi.org/10.1109/CSF.2019.00027

  6. Clarkson, M.R., Schneider, F.B.: Hyperproperties. J. Comput. Secur. 18(6), 1157–1210 (2010). https://doi.org/10.3233/JCS-2009-0393

    CrossRef  Google Scholar 

  7. Colvin, R.J., Winter, K.: An abstract semantics of speculative execution for reasoning about security vulnerabilities. In: Sekerinski, E., et al. (eds.) Formal Methods. FM 2019 International Workshops, FM 2019. LNCS, vol. 12233, pp. 323–341. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-54997-8_21

  8. Disselkoen, C., Jagadeesan, R., Jeffrey, A., Riely, J.: The code that never ran: modeling attacks on speculative evaluation. In: IEEE S and P, pp. 1238–1255. IEEE (2019). https://doi.org/10.1109/SP.2019.00047

  9. Fadiheh, M.R., Müller, J., Brinkmann, R., Mitra, S., Stoffel, D., Kunz, W.: A formal approach for detecting vulnerabilities to transient execution attacks in out-of-order processors. In: IEEE DAC, pp. 1–6. IEEE (2020). https://doi.org/10.1109/DAC18072.2020.9218572

  10. Griffin, M., Dongol, B.: Isabelle files for Verifying Secure Speculation in Isabelle/HOL (2021). https://figshare.com/s/c185541c43a7cac258b6

  11. Guanciale, R., Balliu, M., Dam, M.: Inspectre: breaking and fixing microarchitectural vulnerabilities by formal analysis. In: Ligatti, J., Ou, X., Katz, J., Vigna, G. (eds.) CCS, pp. 1853–1869. ACM (2020). https://doi.org/10.1145/3372297.3417246

  12. Guarnieri, M., Köpf, B., Morales, J.F., Reineke, J., Sánchez, A.: Spectector: principled detection of speculative information flows. In: 2020 IEEE Symposium on Security and Privacy, SP 2020, San Francisco, CA, USA, 18–21 May 2020, pp. 1–19. IEEE (2020). https://doi.org/10.1109/SP40000.2020.00011

  13. Intel: Transient execution attacks and related security issues by CPU. Tech. rep., Intel (2019). https://software.intel.com/security-software-guidance/processors-affected-transient-execution-attack-mitigation-product-cpu-model Accessed 5 May 2021

  14. Kaldewaij, A.: Programming - the Derivation of Algorithms. Prentice Hall International Series in Computer Science. Prentice Hall, Hoboken (1990)

    Google Scholar 

  15. Kiriansky, V., Lebedev, I.A., Amarasinghe, S.P., Devadas, S., Emer, J.S.: DAWG: a defense against cache timing attacks in speculative execution processors. In: MICRO, pp. 974–987. IEEE Computer Society (2018). https://doi.org/10.1109/MICRO.2018.00083

  16. Klein, G., et al.: seL4: formal verification of an OS kernel. In: Matthews, J.N., Anderson, T.E. (eds.) SOSP, pp. 207–220. ACM (2009). https://doi.org/10.1145/1629575.1629596

  17. Kocher, P.: Spectre mitigations in microsoft’s c/c++ compiler (2018). https://www.paulkocher.com/doc/MicrosoftCompilerSpectreMitigation.html. Accessed 5 May 2021

  18. Kocher, P., et al.: Spectre attacks: exploiting speculative execution. In: IEEE S and P, pp. 1–19. IEEE (2019). https://doi.org/10.1109/SP.2019.00002

  19. Lipp, M., et al.: Meltdown: reading kernel memory from user space. In: Enck, W., Felt, A.P. (eds.) USENIX Security Symposium, pp. 973–990. USENIX Association (2018). https://www.usenix.org/conference/usenixsecurity18/presentation/lipp

  20. McLean, J.: Proving noninterference and functional correctness using traces. J. Comput. Secur. 1(1), 37–58 (1992). https://doi.org/10.3233/JCS-1992-1103

    CrossRef  Google Scholar 

  21. Prout, A., et al.: Measuring the impact of spectre and meltdown. In: IEEE HPEC, pp. 1–5. IEEE (2018). https://doi.org/10.1109/HPEC.2018.8547554

  22. Rasmussen, C.: Secure Speculation: From Vulnerability to Assurances with UCLID5. Master’s Thesis, EECS Department, University of California, Berkeley, May 2019. http://www2.eecs.berkeley.edu/Pubs/TechRpts/2019/EECS-2019-95.html

  23. Ren, X., Moody, L., Taram, M., Jordan, M., Tullsen, D.M., Venkat, A.: I see dead \(\mu \)ops: leaking secrets via Intel/AMD micro-op caches. In: ISCA (2021). https://www.cs.virginia.edu/venkat/papers/isca2021a.pdf

  24. Roscoe, A.W.: CSP and determinism in security modelling. In: IEEE S and P, pp. 114–127. IEEE Computer Society (1995). https://doi.org/10.1109/SECPRI.1995.398927

  25. Seshia, S.A., Subramanyan, P.: UCLID5: integrating modeling, verification, synthesis and learning. In: MEMOCODE, pp. 1–10. IEEE (2018). https://doi.org/10.1109/MEMCOD.2018.8556946

  26. Taram, M., Venkat, A., Tullsen, D.M.: Context-sensitive fencing: securing speculative execution via microcode customization. In: Bahar, I., Herlihy, M., Witchel, E., Lebeck, A.R. (eds.) ASPLOS, pp. 395–410. ACM (2019). https://doi.org/10.1145/3297858.3304060

  27. Trippel, C., Lustig, D., Martonosi, M.: Security verification via automatic hardware-aware exploit synthesis: the checkmate approach. IEEE Micro 39(3), 84–93 (2019). https://doi.org/10.1109/MM.2019.2910010

    CrossRef  Google Scholar 

  28. Vassena, M., et al.: Automatically eliminating speculative leaks from cryptographic code with blade. In: Proceedings of the ACM Programming Language 5(POPL), 1–30 (2021). https://doi.org/10.1145/3434330

  29. Wang, G., Chattopadhyay, S., Biswas, A.K., Mitra, T., Roychoudhury, A.: Kleespectre: detecting information leakage through speculative cache attacks via symbolic execution. ACM Trans. Softw. Eng. Methodol. 29(3), 14:1–14:31 (2020). https://doi.org/10.1145/3385897

Download references

Author information

Authors and Affiliations

  1. University of Surrey, Guildford, Surrey, UK

    Matt Griffin & Brijesh Dongol

Authors
  1. Matt Griffin
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Brijesh Dongol
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Brijesh Dongol .

Editor information

Editors and Affiliations

  1. University of Twente, Enschede, The Netherlands

    Prof. Dr. Marieke Huisman

  2. NASA Ames Research Center, Moffett Field, CA, USA

    Corina Păsăreanu

  3. Institute of Software, Chinese Academy of Sciences, Beijing, China

    Naijun Zhan

Rights and permissions

Reprints and Permissions

Copyright information

© 2021 Springer Nature Switzerland AG

About this paper

Verify currency and authenticity via CrossMark

Cite this paper

Griffin, M., Dongol, B. (2021). Verifying Secure Speculation in Isabelle/HOL. In: Huisman, M., Păsăreanu, C., Zhan, N. (eds) Formal Methods. FM 2021. Lecture Notes in Computer Science(), vol 13047. Springer, Cham. https://doi.org/10.1007/978-3-030-90870-6_3

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-90870-6_3

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-90869-0

  • Online ISBN: 978-3-030-90870-6

  • eBook Packages: Computer ScienceComputer Science (R0)