sese
play

SESE Introduction Background Cache Analysis for Diverse Programs - PowerPoint PPT Presentation

Nov 14, 2023 •264 likes •667 views

Instruction Caches in Static WCET Analysis of Artificially Diversified Software Joachim Fellmuth, Thomas G othel, Sabine Glesner Technische Universit at Berlin Software and Embedded Systems Engineering ECRTS 2018, Barcelona SESE

  1. Instruction Caches in Static WCET Analysis of Artificially Diversified Software Joachim Fellmuth, Thomas G¨ othel, Sabine Glesner Technische Universit¨ at Berlin Software and Embedded Systems Engineering ECRTS 2018, Barcelona SESE

  2. Introduction Background Cache Analysis for Diverse Programs Evaluation Conclusion Motivation Cyber-physical systems (CPS) omnipresent safety-critical , hard real-time requirements highly interconnected → large attack surface SESE Static Cache Analysis for Diverse Software 2/ 18 Joachim Fellmuth

  3. Introduction Background Cache Analysis for Diverse Programs Evaluation Conclusion Motivation Cyber-physical systems (CPS) omnipresent safety-critical , hard real-time requirements highly interconnected → large attack surface Security important development aspect unsafe languages enable code-reuse attacks → use knowledge of system’s memory SESE Static Cache Analysis for Diverse Software 2/ 18 Joachim Fellmuth

  4. Introduction Background Cache Analysis for Diverse Programs Evaluation Conclusion Motivation Cyber-physical systems (CPS) omnipresent safety-critical , hard real-time requirements highly interconnected → large attack surface Security important development aspect unsafe languages enable code-reuse attacks → use knowledge of system’s memory Artificial software diversity hides memory layout (e.g. randomize instruction addresses) copes with unknown attack types WCET-aware security increase possible [FHPG17] SESE Static Cache Analysis for Diverse Software 2/ 18 Joachim Fellmuth

  5. Introduction Background Cache Analysis for Diverse Programs Evaluation Conclusion Problem Problem : Uncertainty induces pessimism in WCET analysis timing impact of some randomized diversification techniques unpredictable [DDNS12, LHBF14, Coh93, FSA97, WMHL12] WCET hardware analyses rely on full knowledge of the program addresses state-of-the-art cache analyses not able to produce upper bound estimate for all program variants [HJR11, ZK15, BC08, Cul13, LGR + 16] All miss has to be assumed as worst-case cache behavior SESE Static Cache Analysis for Diverse Software 3/ 18 Joachim Fellmuth

  6. Introduction Background Cache Analysis for Diverse Programs Evaluation Conclusion Proposed Solution Our goal: Efficient WCET cache analysis for diverse programs powerful diversity approach reuse established analyses , compatible with IPET tight worst-case estimate over all variants Approach: relocation and reordering of code fragments introduce uncertainty into WCET cache analysis aggregate results for all variants per basic block SESE Static Cache Analysis for Diverse Software 4/ 18 Joachim Fellmuth

  7. Introduction Background Cache Analysis for Diverse Programs Evaluation Conclusion Outline 1 Background Artificial software diversity WCET Analysis 2 Cache Analysis for Diverse Programs Must Analysis Further Analyses 3 Evaluation 4 Conclusion SESE Static Cache Analysis for Diverse Software 5/ 18 Joachim Fellmuth

  8. Introduction Background Cache Analysis for Diverse Programs Evaluation Conclusion Outline 1 Background Artificial software diversity WCET Analysis 2 Cache Analysis for Diverse Programs Must Analysis Further Analyses 3 Evaluation 4 Conclusion SESE Static Cache Analysis for Diverse Software 6/ 18 Joachim Fellmuth

  9. Introduction Background Cache Analysis for Diverse Programs Evaluation Conclusion Artificial software diversity Semantically equivalent program variants → different program layout in memory → exploit compiler decisions to obtain variants SESE Static Cache Analysis for Diverse Software 7/ 18 Joachim Fellmuth

  10. Introduction Background Cache Analysis for Diverse Programs Evaluation Conclusion Artificial software diversity Semantically equivalent program variants → different program layout in memory → exploit compiler decisions to obtain variants We use relocation and reordering of rearrangeable code parts (fragments) → no changes to instructions (code size) and CFG → predictable behavior over all variants → covers the entire instruction memory SESE Static Cache Analysis for Diverse Software 7/ 18 Joachim Fellmuth

  11. Introduction Background Cache Analysis for Diverse Programs Evaluation Conclusion Artificial software diversity Semantically equivalent program variants → different program layout in memory → exploit compiler decisions to obtain variants We use relocation and reordering of rearrangeable code parts (fragments) → no changes to instructions (code size) and CFG → predictable behavior over all variants → covers the entire instruction memory Different fragment granularities possible → segment-, function, block level SESE Static Cache Analysis for Diverse Software 7/ 18 Joachim Fellmuth

  12. Introduction Background Cache Analysis for Diverse Programs Evaluation Conclusion Cache analysis: Must (LRU) bb2: bb1: bb4: bb5: bb6: CFG creation bb3: bb7: SESE Static Cache Analysis for Diverse Software 8/ 18 Joachim Fellmuth

  13. Introduction Background Cache Analysis for Diverse Programs Evaluation Conclusion Cache analysis: Must (LRU) cache (A=2): bb2: 9 set 1 i1 set 1 i2 bb1: 10 set 2 i1 10 bb4: 1 1 2 2 3 bb5: 3 bb6: 4 6 4 Assign cache 7 5 blocks and sets 7 5 6 bb3: 11 11 12 bb7: 8 8 9 SESE Static Cache Analysis for Diverse Software 8/ 18 Joachim Fellmuth

  14. Introduction Background Cache Analysis for Diverse Programs Evaluation Conclusion Cache analysis: Must (LRU) cache (A=2): - - - - bb2: - - - - 9 set 1 i1 set 1 i2 bb1: 10 set 2 i1 10 9 10 - - - - - - bb4: 1 1 age 1 9 6 - 8 2 - 2 3 - age 2 2 3 1 2 3 - 9 10 - - bb5: 3 Abstract Cache bb6: 4 6 4 State (ACS) 7 5 filled using fix- 7 5 point algorithm 6 1 6 7 - 9 2 3 - 5 6 3 4 1 2 - - bb3: 11 11 - 6 - - 12 1 2 3 - bb7: 9 10 11 12 8 - - - - 8 9 SESE Static Cache Analysis for Diverse Software 8/ 18 Joachim Fellmuth

  15. Introduction Background Cache Analysis for Diverse Programs Evaluation Conclusion Cache analysis: Must (LRU) cache (A=2): - - - - bb2: - - - - 9 set 1 i1 set 1 i2 bb1: 10 set 2 i1 10 9 10 - - - - - - bb4: 1 1 age 1 9 6 - 8 2 - 2 3 - age 2 2 3 1 2 3 - 9 10 - - bb5: 3 bb6: 4 6 4 ACS update 7 5 function 7 5 6 1 6 7 - 9 2 3 - 5 6 3 4 1 2 - - bb3: 11 11 - 6 - - 12 1 2 3 - bb7: 9 10 11 12 8 - - - - 8 9 SESE Static Cache Analysis for Diverse Software 8/ 18 Joachim Fellmuth

  16. Introduction Background Cache Analysis for Diverse Programs Evaluation Conclusion Cache analysis: Must (LRU) cache (A=2): - - - - bb2: - - - - 9 set 1 i1 set 1 i2 bb1: 10 set 2 i1 10 9 10 - - - - - - bb4: 1 1 age 1 9 6 - 8 2 - 2 3 - age 2 2 3 1 2 3 - 9 10 - - bb5: 3 bb6: 4 6 4 ACS join func- 7 5 tion 7 5 6 1 6 7 - 9 2 3 - 5 6 3 4 1 2 - - bb3: 11 11 - 6 - - 12 1 2 3 - bb7: 9 10 11 12 8 - - - - 8 9 SESE Static Cache Analysis for Diverse Software 8/ 18 Joachim Fellmuth

  17. Introduction Background Cache Analysis for Diverse Programs Evaluation Conclusion Cache analysis: Must (LRU) cache (A=2): bb2: 9 set 1 i1 set 1 i2 bb1: 10 set 2 i1 10 bb4: 1 1 2 2 3 bb5’: 16 bb5: 3 16 Diversity: bb6: 4 17 6 4 17 Alt. node location - 7 5 18 different number of 7 5 18 memory blocks 6 bb3: 11 11 12 bb7: 8 8 9 SESE Static Cache Analysis for Diverse Software 8/ 18 Joachim Fellmuth

  18. Introduction Background Cache Analysis for Diverse Programs Evaluation Conclusion Cache analysis: Must (LRU) cache (A=2): bb2: 9 set 1 i1 set 1 i2 bb1: 10 set 2 i1 10 bb4: 1 1 2 2 3 bb5’: 17 bb5: 3 17 f r a bb6: 4 18 g 6 Diversity: m f 4 18 r e a n 7 Different fragments: g t m 5 19 a 7 e Conflicts unknown n 5 19 t b 6 bb3: 11 11 12 bb7: 8 8 9 SESE Static Cache Analysis for Diverse Software 8/ 18 Joachim Fellmuth

  19. Introduction Background Cache Analysis for Diverse Programs Evaluation Conclusion Outline 1 Background Artificial software diversity WCET Analysis 2 Cache Analysis for Diverse Programs Must Analysis Further Analyses 3 Evaluation 4 Conclusion SESE Static Cache Analysis for Diverse Software 9/ 18 Joachim Fellmuth

  20. Introduction Background Cache Analysis for Diverse Programs Evaluation Conclusion Cache Analysis for diverse Programs Uncertainty of relocation and reordering in Abstract Cache State every basic block (BB) belongs to a fragment distances to BB are only known within this fragment → one ”virtual” cache per fragment → regular cache replacement within fragment → cache contents of other fragments subject to worst-case behavior depends on offset within set → cache behavior is equal over all sets → fragment starts at 0 plus offset → one cache representation for each possible offset SESE Static Cache Analysis for Diverse Software 10/ 18 Joachim Fellmuth

  21. Introduction Background Cache Analysis for Diverse Programs Evaluation Conclusion Location-tolerant Must analysis bb2: bb1: bb4: bb5: bb6: regular CFG bb3: bb7: SESE Static Cache Analysis for Diverse Software 11/ 18 Joachim Fellmuth

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Writing a compelling NASA proposal James Lyons Assoc Res Professor SESE SESE March 14 2017

Writing a compelling NASA proposal James Lyons Assoc Res Professor SESE SESE March 14 2017

Writing a compelling NASA proposal James Lyons Assoc Res Professor SESE SESE March 14 2017 According to Dr. Francis Collins, Director of the NIH, So many worthwhile research ideas get put into the unfunded category in reviews because the

564 views • 23 slides
Statistical significance for untangling complex genotype- phenotype connections Jun Sese

Statistical significance for untangling complex genotype- phenotype connections Jun Sese

Statistical significance for untangling complex genotype- phenotype connections Jun Sese sese.jun@aist.go.jp AIST http://seselab.org/ Higher-order analyses of genome-wide data are incompatible with p-values Combinatorial e ff ects

660 views • 29 slides
Replica-exchange in molecular dynamics Part of 2014 SeSE course in Advanced molecular dynamics

Replica-exchange in molecular dynamics Part of 2014 SeSE course in Advanced molecular dynamics

Replica-exchange in molecular dynamics Part of 2014 SeSE course in Advanced molecular dynamics Mark Abraham Frustration in MD Frustration in MD different motions have different time scales bond vibration, angle-vibration, side-chain

651 views • 22 slides
@South European Systems Engineering Tour (SESE) May 20 th -23 rd 2019 1 About us The Swiss

@South European Systems Engineering Tour (SESE) May 20 th -23 rd 2019 1 About us The Swiss

Swiss Society of Systems Engineering INCOSE Swiss Chapter @South European Systems Engineering Tour (SESE) May 20 th -23 rd 2019 1 About us The Swiss Society of Systems Engineering (SSSE) is a non-profit organisation formed in 2011 by a group

412 views • 9 slides
Bark Bites SESE - Clay City Making the product Clean-UP Baking Packaging Filling Orders

Bark Bites SESE - Clay City Making the product Clean-UP Baking Packaging Filling Orders

A student run business Making product Packaging product Filling orders Taking payment Bark Bites SESE - Clay City Making the product Clean-UP Baking Packaging Filling Orders Thanks for your interest in

177 views • 6 slides
September, 2016 Agenda Introduction Overview of NGS Accreditation with ASHI

September, 2016 Agenda Introduction Overview of NGS Accreditation with ASHI

NGS Accreditation with ASHI Standards, Plus Omixon Update Presenters: Dr. Peter Meintjes, CCO, Omixon Tim Hague, CEO, Omixon Guest Speakers: Dr. Lee Ann Baxter-Lowe, CHLA Doreen Sese, Yale University Dr. Zahra Kashi, Kashi Labs Prof.

885 views • 63 slides
The Elevator Pitch Audrey Iffert-Saleem Executive Director, Entrepreneurship & Innovation

The Elevator Pitch Audrey Iffert-Saleem Executive Director, Entrepreneurship & Innovation

SESE Postdoctoral Development Program The Elevator Pitch Audrey Iffert-Saleem Executive Director, Entrepreneurship & Innovation Initiatives what is the difference between pitching and presenting? what is an elevator pitch? how long is an

276 views • 27 slides
CLICK HERE TO KNOW MORE New Developments in the Philippine Space Program and Policy Dr. Rogel

CLICK HERE TO KNOW MORE New Developments in the Philippine Space Program and Policy Dr. Rogel

CLICK HERE TO KNOW MORE New Developments in the Philippine Space Program and Policy Dr. Rogel Mari Sese Program Leader, National SPACE Development Program Focal Person, Philippine Space Science Education Program PH Space-Related Programs and

459 views • 20 slides
Power Generation and Coal Export Project Developments Investor Presentation August 2018 AFR is

Power Generation and Coal Export Project Developments Investor Presentation August 2018 AFR is

Power Generation and Coal Export Project Developments Investor Presentation August 2018 AFR is developing two principal businesses 1. Power Generation 2. Coal Exports SESE MMBW JV with First Quantum Minerals Ltd High-quality

506 views • 17 slides
CSSE 220 Objects Check out SuperSimpleObjects and TeamGradebook from SVN Plan for today Talk

CSSE 220 Objects Check out SuperSimpleObjects and TeamGradebook from SVN Plan for today Talk

CSSE 220 Objects Check out SuperSimpleObjects and TeamGradebook from SVN Plan for today Talk about object references and box and pointer diagrams Talk about static methods Continue working on writing your own classes Get started

556 views • 16 slides
CS 251 Fall 2019 CS 251 Fall 2019 Principles of Programming Languages Principles of

CS 251 Fall 2019 CS 251 Fall 2019 Principles of Programming Languages Principles of

CS 251 Fall 2019 CS 251 Fall 2019 Principles of Programming Languages Principles of Programming Languages Ben Wood Ben Wood ML vs. Racket and Static vs. Dynamic Type-Checking https://cs.wellesley.edu/~cs251/f19/ 1 Static vs. Dynamic

458 views • 32 slides
Static Analysis of Haskell Neil Mitchell http://ndmitchell.com Static Analysis is getting

Static Analysis of Haskell Neil Mitchell http://ndmitchell.com Static Analysis is getting

Static Analysis of Haskell Neil Mitchell http://ndmitchell.com Static Analysis is getting insights at compile time Full branch coverage Terminates Doesnt rely on a test suite Types are static analysis. Lets talk about

784 views • 39 slides
Today Writing Assignment Update Final Reflective Statement Due March 14 750 words

Today Writing Assignment Update Final Reflective Statement Due March 14 750 words

Today Writing Assignment Update Final Reflective Statement Due March 14 750 words CSE 481b Final Project Presentations Winter 2007 Delivering a software product What we dont teach you CSE 481b How to create a

338 views • 6 slides
Introduction to Static Analysis 17654: Analysis of Software Artifacts Jonathan Aldrich

Introduction to Static Analysis 17654: Analysis of Software Artifacts Jonathan Aldrich

Introduction to Static Analysis 17654: Analysis of Software Artifacts Jonathan Aldrich

904 views • 46 slides
Temperature sensors (as draft for scope review) A. Cervera M.A. Garcia Peris

Temperature sensors (as draft for scope review) A. Cervera M.A. Garcia Peris

CISC, DUNE CM FNAL, 06/06/2019 Temperature sensors (as draft for scope review) A. Cervera M.A. Garcia Peris (IFIC-Valencia) Table of contents # slides # slides Content accum. 1 Motivation of standard temperature measurements 1 5

862 views • 26 slides
Using Static Single Assignment Form Announcements Project 2 schedule due today HW1 due

Using Static Single Assignment Form Announcements Project 2 schedule due today HW1 due

Using Static Single Assignment Form Announcements Project 2 schedule due today HW1 due Friday Last Time SSA Technicalities Today Constant propagation Loop invariant code motion Induction variables CS553 Lecture

444 views • 17 slides
A YANG Data Model for MPLS Base and Static LSPs (draft-saad-mpls-static-yang-00) Tarek Saad

A YANG Data Model for MPLS Base and Static LSPs (draft-saad-mpls-static-yang-00) Tarek Saad

IETF 94 Yokohama Nov 2015 A YANG Data Model for MPLS Base and Static LSPs (draft-saad-mpls-static-yang-00) Tarek Saad (Cisco) Kamran Raza (Cisco) >> Presenter Rakesh Gandhi (Cisco) Xufeng Liu (Ericsson) Vishnu Pavan Beeram

325 views • 16 slides
understanding of static electricity and magnetism at lower and upper second level education

understanding of static electricity and magnetism at lower and upper second level education

The application of tutorial based worksheets to enhance student understanding of static electricity and magnetism at lower and upper second level education Richar hard Moynihan, han, Ei Eilish McLoughlin Loughlin, , Odilla Finla lays

522 views • 22 slides
Boosting Job-Level Migration by Static Analysis Workshop on Operating Systems Platforms for

Boosting Job-Level Migration by Static Analysis Workshop on Operating Systems Platforms for

Boosting Job-Level Migration by Static Analysis Workshop on Operating Systems Platforms for Embedded Real-Time Applications July 09, 2019 Tobias Klaus, Peter Ulbrich, Phillip Raffeck, Benjamin Frank, Lisa Wernet , Maxim Ritter von Onciul ,

841 views • 42 slides
Forwarding Traffic Down Tunnels Sources: MPLS Forum, Cisco V. Alwayn, Advanced MPLS Design and

Forwarding Traffic Down Tunnels Sources: MPLS Forum, Cisco V. Alwayn, Advanced MPLS Design and

Forwarding Traffic Down Tunnels Sources: MPLS Forum, Cisco V. Alwayn, Advanced MPLS Design and Implementation , Cisco Press E. W. Gray, MPLS Implementing the Technology , Addison Wesley B. Davie and Y. Rekhter, MPLS Technology and Applications ,

516 views • 35 slides
CS 457 Lecture 19 Global Internet - BGP Fall 2011 Decision Process Calculate degree of

CS 457 Lecture 19 Global Internet - BGP Fall 2011 Decision Process Calculate degree of

CS 457 Lecture 19 Global Internet - BGP Fall 2011 Decision Process Calculate degree of preference for each route in Adj-RIB-In as follows (apply following steps until one route is left): select route with highest LOCAL-PREF

409 views • 23 slides
the Robust Network Loading Problem with Dynamic Routing Sara Mattia DIS - Dipartimento di

the Robust Network Loading Problem with Dynamic Routing Sara Mattia DIS - Dipartimento di

the Robust Network Loading Problem with Dynamic Routing Sara Mattia DIS - Dipartimento di Informatica e Sistemistica Antonio Ruberti Universit degli Studi di Roma La Sapienza mattia@dis.uniroma1.it outline the problem problem

302 views • 27 slides
The First Supercomputer with HyperX Topology A Viable Alternative to Fat-Trees? Outline

The First Supercomputer with HyperX Topology A Viable Alternative to Fat-Trees? Outline

The First Supercomputer with HyperX Topology A Viable Alternative to Fat-Trees? Outline 5-min high-level summary From Idea to Working HyperX Research and Deployment Challenges Alternative job placement DL-free, non-minimal

823 views • 22 slides
A Tune-up for Tor: Improving Security and Performance in the Tor Network Robin Snader Nikita

A Tune-up for Tor: Improving Security and Performance in the Tor Network Robin Snader Nikita

A Tune-up for Tor: Improving Security and Performance in the Tor Network Robin Snader Nikita Borisov Department of Computer Science Dept. of Electrical & Computer Engineering rsnader2@cs.uiuc.edu nikita@uiuc.edu University of Illinois

490 views • 23 slides

More recommend