SpecuGuard: A Computer System for Secure Speculative Execution

Bookmark/Download	Download as PDF
Track Code	2021-THOT-69479
Categories	Computer Technology
Keywords	Computer Hardware Computer Security cyber-physical systems Cybersecurity Data Processing Memory Security Computer Technology
Public Abstract	Researchers at Purdue University have developed a hardware table and control logic for modern central processing units (CPU), a system known as SpecuGuard. The secure speculative execution system addresses Spectre and Meltdown vulnerabilities without altering CPU performance, unlike traditional systems. Spectre attacks are used for reading forbidden data by exploiting microprocessor hardware and can induce misspeculated paths, causing unintended side channels through the CPU's microarchitecture where data can be leaked. In either Spectre or Meltdown attacks, entire kernels or browser memories can be read. To plug these channels is difficult and sometimes infeasible and load and control-flow transfer techniques for data cleanup are typically unsafe. However, SpecuGuard allows for delays and recognition of user-checked code prior to committing data transfers. SpecuGuard employes speculative access control tables (SACT) to track load-instruction pairs and evaluate every possible speculative access for improved safety. In addition, SpecuGuard can avoid intrusive changes to clock-critical issue queue circuitry. In testing, SpecuGuard's false positive rate was found to be low while tagging and mapping data even during dynamic memory allocation. Technology Validation: A low rate of false positives was achieved with SpecuGuard. Publication: "Secure Automatic Bound Checking: Prevention is Simpler Than Cure." CGO 2020: Proceedings of the 18th ACM/IEEE International Symposium on Code Generation and Optimization. DOI: 10.1145/3368826.3377921 Advantages: -Prevents Cyber Attacks -Low False Positive Rate -Enables More Accurate and Safer Speculative Access Determination Applications: -Central Processing Unit Hardware -Cybersecurity
People	Thottethodi, Mithuna S (Project leader) Vijaykumar, T N
Intellectual Property	Application Date May 5, 2022 Type Utility Patent Country of Filing United States Patent Number (None) Issue Date (None) Application Date Sep 23, 2021 Type Provisional-Patent Country of Filing United States Patent Number (None) Issue Date (None) Application Date Aug 13, 2021 Type Provisional-Patent Country of Filing United States Patent Number (None) Issue Date (None) Application Date May 6, 2021 Type Provisional-Patent Country of Filing United States Patent Number (None) Issue Date (None)
Contact OTC	Purdue Office of Technology Commercialization The Convergence Center 101 Foundry Drive, Suite 2500 West Lafayette, IN 47906 Phone: (765) 588-3475 Fax: (765) 463-3486 Email: otcip@prf.org

​SpecuGuard: A Computer System for Secure Speculative Execution

SpecuGuard: A Computer System for Secure Speculative Execution