Common Contracts

∗IMDEA Software Institute †Microsoft Research ‡Saarland University

October 1st, 2020

• Filed
  October 1st, 2020

Abstract—Since the discovery of Spectre, a large number of hardware mechanisms for secure speculation has been proposed. Intuitively, more defensive mechanisms are less efficient but can securely execute a larger class of programs, while more permis- sive mechanisms may offer more performance but require more defensive programming. Unfortunately, there are no hardware-

Hardware-Software Contracts for Secure Speculation

October 1st, 2020

• Filed
  October 1st, 2020

On the software side, we use the framework to characterize program properties that guarantee secure co-design in two scenarios traditionally investigated in isolation: (1) ensuring that a benign program does not leak information while computing on confidential data, and (2) ensuring that a potentially malicious program cannot read outside of its designated sandbox. Finally, we show how the properties corresponding to both scenarios can be checked based on existing tools for software verification, and we use them to validate our findings on executable code.