Academic Commons

Speculative Virtual Verification: Policy-Constrained Speculative Execution

Locasto, Michael E.; Sidiroglou, Stelios; Keromytis, Angelos D.

A key problem facing current computing systems is the inability to autonomously manage security vulnerabilities as well as more mundane errors. Since the design of computer architectures is usually performance-driven, hardware often lacks primitives for tasks in which raw speed is not the primary goal. There is little architectural support for monitoring execution at the instruction level, and no mechanisms for assisting an automated response. This paper advocates modifying general-purpose processors to provide both program supervision and automatic response via a policy-driven monitoring mechanism and instruction stream rewriting, respectively. These capabilities form the basis of speculative virtual verification (SVV). SVV is a model for the speculative execution of code based on high-level security and safety constraints. We introduce architectural enhancements to support this framework, including the ability to supply an automated response by rewriting the instruction stream. Finally, given the novelty of the SVV approach to executing software, we briefly consider some important challenges for SVV-based systems.

Also Published In

Title
New Security Paradigms Workshop: Proceedings: September 20-23, 2005, Lake Arrowhead California, United States
DOI
https://doi.org/10.1145/1146269.1146295

More About This Work

Academic Units
Computer Science
Publisher
ACM
Published Here
July 11, 2012