∗IMDEA Software Institute †Microsoft Research ‡Saarland UniversityHardware-Software Contracts • October 1st, 2020
Contract Type FiledOctober 1st, 2020Abstract—Since the discovery of Spectre, a large number of hardware mechanisms for secure speculation has been proposed. Intuitively, more defensive mechanisms are less efficient but can securely execute a larger class of programs, while more permis- sive mechanisms may offer more performance but require more defensive programming. Unfortunately, there are no hardware-
Hardware-Software Contracts for Secure SpeculationHardware-Software Contracts • October 1st, 2020
Contract Type FiledOctober 1st, 2020On the software side, we use the framework to characterize program properties that guarantee secure co-design in two scenarios traditionally investigated in isolation: (1) ensuring that a benign program does not leak information while computing on confidential data, and (2) ensuring that a potentially malicious program cannot read outside of its designated sandbox. Finally, we show how the properties corresponding to both scenarios can be checked based on existing tools for software verification, and we use them to validate our findings on executable code.