trusting large specifications the virtuous cycle
play

Trusting Large Specifications: The Virtuous Cycle Alastair Reid - PowerPoint PPT Presentation

Apr 03, 2023 •241 likes •518 views

Trusting Large Specifications: The Virtuous Cycle Alastair Reid alastair.reid@arm.com @alastair_d_reid ARM Research Applica'on Library OS Compiler Processor ARM Research 2 Qualities of a Specification Applicability Scope

  1. Trusting Large Specifications: The Virtuous Cycle Alastair Reid alastair.reid@arm.com @alastair_d_reid ARM Research

  2. Applica'on Library OS Compiler Processor ARM Research 2

  3. Qualities of a Specification Applicability Scope Trustworthiness ARM Research 3

  4. Applicability v6 (1997) A -class (phones/tablets/servers) v7 (2005) R -class (real-time, lock-step support) v8.0 (2013) v8.1 (2015) M -class (microcontroller) v8.2 (2016) ARM Research 4

  5. Scope Compiler targeted instructions? User-level instructions? User+Supervisor? User+Supervisor+Hypervisor+Secure Monitor? ARM Research 5

  6. ISA Specification - ASL Opcode Check Validity Get Operands Set Result Register Set Flags ARM Research 6

  7. System Architecture Specification ARM Research 7

  8. ARM Spec (lines of code) v8-A v8-M Instructions 26,000 6,000 Int/FP/SIMD Exceptions 4,000 3,000 Memory 3,000 1,000 Debug 3,000 1,000 5,500 2,000 Misc (Test support) 1,500 2,000 Total 43,000 15,000 ARM Research 8

  9. System Register Spec v8-A v8-M 586 186 Registers Fields 3951 622 Constant 985 177 aoe Reserved 940 208 Impl. Defined 70 10 Passive 1888 165 68 62 Active Operations 112 10 ARM Research 9

  10. Trustworthiness ARM Research 10

  11. Trustworthiness ARM’s specification is correct by definition ARM Research 10

  12. Trustworthiness ARM’s specification is correct by definition ARM Research 10

  13. Trustworthiness Does the specification match the behaviour of all ARM processors? ARM Research 11

  14. ARM Spec Test S'mulus =?= Oracle ARM Research 12

  15. ARM Spec Directed Tests Random Tests … =?= Memory Tests IRQ Generators Oracle ARM Research 13

  16. ARM Spec Directed Tests Random Tests Self-checking … Bus monitors Memory Tests Trace compare IRQ Generators Oracle ARM Research 14

  17. Architecture Conformance Suite Processor architectural compliance sign-off Large v8-A 11,000 test programs, > 2 billion instructions v8-M 3,500 test programs, > 250 million instructions Thorough Tests dark corners of specification ARM Research 15

  18. v8-A v8-M 100% 100% 75% 75% 50% 50% 25% 25% 0% 0% ARM Research 16

  19. Trustworthy Specifica'ons of ARM v8-A and v8-M System Level Architecture, FMCAD 2016 Pass / Fail ARM Spec ASL Interpreter ELF Test Implementa'on Defined ARM Research 17

  20. End to End Verifica'on of ARM Processors with ISA-Formal, CAV 2016 Counterexample ARM Spec Model Checker ARM CPU Counterexample ARM Research 18

  21. (Work by Jon French and Nathan Chong) ARM Spec ASL Interpreter mbedOS Implementa'on Defined ARM Research 19

  22. (Work by Jon French and Nathan Chong) ARM Spec AFL Fuzzer mbedOS Bugs ARM Research 20

  23. Creating a Virtuous Cycle ARM Informa'on Conformance Testcase Flow TestSuite Genera'on Analysis Processor So_ware ARM Spec Verifica'on Verifica'on Random Boot Instruc'on AFL OS Sequences Fuzzer ARM Research 21

  24. Preparing public release of ARM v8-A specification • Enable formal verification of software and tools • Public release planned for 2016 Q4 • Liberal license • REMS group currently translating to SAIL Talk to me about how I can help you use it ARM Research 22

  25. CPU Specifications Basis of a lot of formal verification Too large to be “obviously correct” Reusable specs enable “virtuous cycle” Greater effort to produce Share testing / maintenance effort More likely to be correct Preparing public release of machine readable ARM Specification ARM Research 23

  26. End Alastair Reid ARM Research alastair.reid@arm.com @alastair_d_reid

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Virtuous Cycle(s) of Velocity What I Learned About Going Fast at eBay and Google Randy Shoup

Virtuous Cycle(s) of Velocity What I Learned About Going Fast at eBay and Google Randy Shoup

Virtuous Cycle(s) of Velocity What I Learned About Going Fast at eBay and Google Randy Shoup @randyshoup linkedin.com/in/randyshoup Background CTO at KIXEYE Making awesome games awesomer (and scalabler and reliabler) Director of Engineering for

190 views • 18 slides
The Virtuous Cycle of Data Mining Data is at the heart of most companies core business

The Virtuous Cycle of Data Mining Data is at the heart of most companies core business

The Virtuous Cycle of Data Mining Data is at the heart of most companies core business processes Data is generated by transactions regardless of industry (retail, insurance) In addition to this internal data, there are lots of

419 views • 4 slides
Grupo LALA Virtuous cycle drives success Safe Harbor This material does not constitute an

Grupo LALA Virtuous cycle drives success Safe Harbor This material does not constitute an

Grupo LALA Virtuous cycle drives success Safe Harbor This material does not constitute an offering document. This material was prepared solely for informational purposes and is not to be construed as a solicitation or an offer to buy or sell any

833 views • 51 slides
Grupo LALA Virtuous cycle drives success Safe Harbor This material does not constitute an

Grupo LALA Virtuous cycle drives success Safe Harbor This material does not constitute an

Grupo LALA Virtuous cycle drives success Safe Harbor This material does not constitute an offering document. This material was prepared solely for informational purposes and is not to be construed as a solicitation or an offer to buy or sell any

428 views • 39 slides
Leading with Care AMPATH Purdue Kenya Partnership The Virtuous Cycle of Academic Engagement

Leading with Care AMPATH Purdue Kenya Partnership The Virtuous Cycle of Academic Engagement

Leading with Care AMPATH Purdue Kenya Partnership The Virtuous Cycle of Academic Engagement Care Teaching Research Leading with Care Academ demic Mod odel Provid vidin ing Acces ess To o Health thcar are Initiated in

881 views • 29 slides
T RAVEL PROMOTIONS VIRTUOUS CYCLE In 2016, Travel Exports (spending by international travelers

T RAVEL PROMOTIONS VIRTUOUS CYCLE In 2016, Travel Exports (spending by international travelers

TOURISM IS BIG BUSINESS T RAVEL PROMOTIONS VIRTUOUS CYCLE In 2016, Travel Exports (spending by international travelers to US) exceed Travel Imports (spending by US travelers to other countries) = Trade Surplus = $84 BILLION surplus LOUISIANA

854 views • 58 slides
Outline Trusting trust attack Countering Trusting Trust What it is through Diverse

Outline Trusting trust attack Countering Trusting Trust What it is through Diverse

Outline Trusting trust attack Countering Trusting Trust What it is through Diverse Double-Compiling Attacker motivations Triggers & payloads David A. Wheeler Inadequate solutions & related work Solution: Diverse

517 views • 25 slides
Trusting Trusting the Cloud with the Cloud with Practical Interact Practical Interactive ive

Trusting Trusting the Cloud with the Cloud with Practical Interact Practical Interactive ive

Trusting Trusting the Cloud with the Cloud with Practical Interact Practical Interactive ive Proofs Proofs Graham Cormode G.Cormode@warwick.ac.uk Amit Chakrabarti (Dartmouth) Andrew McGregor (U Mass Amherst) Justin Thaler (Harvard/Yahoo!)

257 views • 14 slides
policies versus a Virtuous Circle of reinforcing policies Suzana Carp Brussels Office Lead 06

policies versus a Virtuous Circle of reinforcing policies Suzana Carp Brussels Office Lead 06

A Vicious Cycle of overlapping policies versus a Virtuous Circle of reinforcing policies Suzana Carp Brussels Office Lead 06 June 2017 Impact of policy overlap on the price in the EU ETS Report: Placing the EU ETS in context (Sandbag, 1

697 views • 5 slides
Specifications and formal program development in-the-large What are specifications for? For

Specifications and formal program development in-the-large What are specifications for? For

Specifications and formal program development in-the-large What are specifications for? For the system user: specification captures the properties of the system the user can rely on. For the system developer: specification captures all the

297 views • 26 slides
VLSI Design Styles Basic Concepts in VLSI Physical Design Automation VLSI Design Cycle

VLSI Design Styles Basic Concepts in VLSI Physical Design Automation VLSI Design Cycle

VLSI Design Styles Basic Concepts in VLSI Physical Design Automation VLSI Design Cycle Large number of devices System Optimization requirements Specifications for high performance Time-to-market competition Cost Manual

789 views • 57 slides
VLSI Design Styles Basic Concepts in VLSI Physical Design Automation 1 VLSI Design Cycle

VLSI Design Styles Basic Concepts in VLSI Physical Design Automation 1 VLSI Design Cycle

VLSI Design Styles Basic Concepts in VLSI Physical Design Automation 1 VLSI Design Cycle Large number of devices System Optimization requirements Specifications for high performance Time-to-market competition Cost

559 views • 29 slides
BIG DATA AND US 2 GARTNER HYPE CYCLE www.gartner.com www.wikipedia.org GARTNER HYPE CYCLE 3

BIG DATA AND US 2 GARTNER HYPE CYCLE www.gartner.com www.wikipedia.org GARTNER HYPE CYCLE 3

BIG DATA AND US 2 GARTNER HYPE CYCLE www.gartner.com www.wikipedia.org GARTNER HYPE CYCLE 3 Emerging technologies 2014 www.gartner.com 4 TIME TO BE PRODUCTIVE Large data hide true quantitative signal Large data generate spurious

446 views • 21 slides
Company Overview Sajars Specialties Molding Specifications Large Parts (10 to 80

Company Overview Sajars Specialties Molding Specifications Large Parts (10 to 80

Company Overview Sajars Specialties Molding Specifications Large Parts (10 to 80 horizontal, 10 to 70 vertical, Surface Area: In excess of 1,000 sq. in.) High Cosmetic Standards Conversions to Gas Assist Injection Molding

898 views • 40 slides
Fully Countering Trusting Trust through Diverse Double-Compiling (DDC) David A. Wheeler

Fully Countering Trusting Trust through Diverse Double-Compiling (DDC) David A. Wheeler

Fully Countering Trusting Trust through Diverse Double-Compiling (DDC) David A. Wheeler November 18, 2009 http://www.dwheeler.com/trusting-trust This presentation contains the views of the author and does not necessarily indicate endorsement

1.22k views • 72 slides
Certification Specifications and Acceptable Means of Compliance for Large Rotorcraft CS-29

Certification Specifications and Acceptable Means of Compliance for Large Rotorcraft CS-29

Annex to ED Decision 2016/025/R European Aviation Safety Agency Certification Specifications and Acceptable Means of Compliance for Large Rotorcraft CS-29 Amendment 4 30 November 2016 1 1 For the date of entry into force of Amendment 4,

1.57k views • 142 slides
The RoI of Simulation-Based Training* vs Live Training** of Incident Commanders Ilona Heldal

The RoI of Simulation-Based Training* vs Live Training** of Incident Commanders Ilona Heldal

The RoI of Simulation-Based Training* vs Live Training** of Incident Commanders Ilona Heldal Western Norway University of Applied Sciences Cecilia Hammar Wijkmark The Swedish Civil Contingencies Agency #ITEC2019 15 May 2019 My background

520 views • 22 slides
New (and Exciting!) Developments in Linux Tracing Elena Zannoni (elena.zannoni@oracle.com) Linux

New (and Exciting!) Developments in Linux Tracing Elena Zannoni (elena.zannoni@oracle.com) Linux

<Insert Picture Here> New (and Exciting!) Developments in Linux Tracing Elena Zannoni (elena.zannoni@oracle.com) Linux Engineering, Oracle America Linuxcon Japan 2015 Overview BPF eBPF eBPF main concepts and elements eBPF

601 views • 42 slides
Process Address Spaces and Binary Formats Don Porter CSE 306 Background Weve

Process Address Spaces and Binary Formats Don Porter CSE 306 Background Weve

Process Address Spaces and Binary Formats Don Porter CSE 306 Background Weve talked some about processes This lecture: discuss overall virtual memory organization Key abstraction: Address space We will learn about

641 views • 34 slides
Cyberinfrastructure Framework for 21st Century Science & Engineering (CF21) NSF-wide

Cyberinfrastructure Framework for 21st Century Science & Engineering (CF21) NSF-wide

Cyberinfrastructure Framework for 21st Century Science & Engineering (CF21) NSF-wide Cyberinfrastructure Vision People, Sustainability, Innovation, Integration Edward Seidel/Alan Blatecky Acting Assistant Director, Mathematical and

191 views • 16 slides
Web 2.0 features Sharing 7 r e t p a h C Design for Sharing To reach a Tipping Point

Web 2.0 features Sharing 7 r e t p a h C Design for Sharing To reach a Tipping Point

Edit Web 2.0 features Sharing 7 r e t p a h C Design for Sharing To reach a Tipping Point Law of the few: Connectors, Mavens (experts), Salespeople Connectors: act like hubs, share information with their friends Design for sharers

427 views • 21 slides
LEADERSHIP IN EMBEDDED SECURITY August 13 th , 2018 Baltimore, Maryland CCC: CATALYZING I.T.S

LEADERSHIP IN EMBEDDED SECURITY August 13 th , 2018 Baltimore, Maryland CCC: CATALYZING I.T.S

LEADERSHIP IN EMBEDDED SECURITY August 13 th , 2018 Baltimore, Maryland CCC: CATALYZING I.T.S VIRTUOUS CYCLE Ci*zens Industry Government Academia 2 Icons modified from Zlatko Najdenovski, Fla9con COMPUTING COMMUNITY CONSORTIUM The

206 views • 7 slides
CONSORTIUM (CCC) Mark D. Hill, U . Wisconsin CS & ECE CCC Vice Chair 2016-18 & Chair

CONSORTIUM (CCC) Mark D. Hill, U . Wisconsin CS & ECE CCC Vice Chair 2016-18 & Chair

THE COMPUTING COMMUNITY CONSORTIUM (CCC) Mark D. Hill, U . Wisconsin CS & ECE CCC Vice Chair 2016-18 & Chair 2018-20 @ ECEDHA, 3/2018 Big Picture : Catalyzing ITs Virtuous Cycle CCCs Process Backward Case Study: Computer

629 views • 40 slides
Computation vs. Memory Systems: Pinning Down Accelerator Bottlenecks Martha Kim and Stephen

Computation vs. Memory Systems: Pinning Down Accelerator Bottlenecks Martha Kim and Stephen

Computation vs. Memory Systems: Pinning Down Accelerator Bottlenecks Martha Kim and Stephen Edwards Columbia University Department of Computer Science June 19, 2010 AMAS-BT Workshop 2 Improved processor performance Fuller- Slower

706 views • 58 slides

More recommend