Home

Speculative Virtual Verification: Policy-Constrained Speculative Execution

Michael E. Locasto; Stelios Sidiroglou; Angelos D. Keromytis

Title:
Speculative Virtual Verification: Policy-Constrained Speculative Execution
Author(s):
Locasto, Michael E.
Sidiroglou, Stelios
Keromytis, Angelos D.
Date:
Type:
Articles
Department:
Computer Science
Permanent URL:
Book/Journal Title:
New Security Paradigms Workshop: Proceedings: September 20-23, 2005, Lake Arrowhead California, United States
Publisher:
ACM
Abstract:
A key problem facing current computing systems is the inability to autonomously manage security vulnerabilities as well as more mundane errors. Since the design of computer architectures is usually performance-driven, hardware often lacks primitives for tasks in which raw speed is not the primary goal. There is little architectural support for monitoring execution at the instruction level, and no mechanisms for assisting an automated response. This paper advocates modifying general-purpose processors to provide both program supervision and automatic response via a policy-driven monitoring mechanism and instruction stream rewriting, respectively. These capabilities form the basis of speculative virtual verification (SVV).SVV is a model for the speculative execution of code based on high-level security and safety constraints. We introduce architectural enhancements to support this framework, including the ability to supply an automated response by rewriting the instruction stream. Finally, given the novelty of the SVV approach to executing software, we briefly consider some important challenges for SVV-based systems.
Subject(s):
Computer science
Publisher DOI:
10.1145/1146269.1146295
Item views:
32
Metadata:
text | xml

In Partnership with the Center for Digital Research and Scholarship at Columbia University Libraries/Information Services | Terms of Use