Processing

Please wait...

Settings

Settings

Goto Application

1. WO2020142262 - SECURE PREDICTORS FOR SPECULATIVE EXECUTION

Publication Number WO/2020/142262
Publication Date 09.07.2020
International Application No. PCT/US2019/067794
International Filing Date 20.12.2019
IPC
G06F 21/74 2013.01
GPHYSICS
06COMPUTING; CALCULATING OR COUNTING
FELECTRIC DIGITAL DATA PROCESSING
21Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
71to assure secure computing or processing of information
74operating in dual or compartmented mode, i.e. at least one secure mode
G06F 21/55 2013.01
GPHYSICS
06COMPUTING; CALCULATING OR COUNTING
FELECTRIC DIGITAL DATA PROCESSING
21Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
55Detecting local intrusion or implementing counter-measures
G06F 21/52 2013.01
GPHYSICS
06COMPUTING; CALCULATING OR COUNTING
FELECTRIC DIGITAL DATA PROCESSING
21Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
52during program execution, e.g. stack integrity, buffer overflow or preventing unwanted data erasure
CPC
G06F 21/52
GPHYSICS
06COMPUTING; CALCULATING; COUNTING
FELECTRIC DIGITAL DATA PROCESSING
21Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
52during program execution, e.g. stack integrity ; ; Preventing unwanted data erasure; Buffer overflow
G06F 21/554
GPHYSICS
06COMPUTING; CALCULATING; COUNTING
FELECTRIC DIGITAL DATA PROCESSING
21Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
55Detecting local intrusion or implementing counter-measures
554involving event detection and direct action
G06F 21/556
GPHYSICS
06COMPUTING; CALCULATING; COUNTING
FELECTRIC DIGITAL DATA PROCESSING
21Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
55Detecting local intrusion or implementing counter-measures
556involving covert channels, i.e. data leakage between processes
G06F 21/74
GPHYSICS
06COMPUTING; CALCULATING; COUNTING
FELECTRIC DIGITAL DATA PROCESSING
21Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
71to assure secure computing or processing of information
74operating in dual or compartmented mode, i.e. at least one secure mode
G06F 2221/033
GPHYSICS
06COMPUTING; CALCULATING; COUNTING
FELECTRIC DIGITAL DATA PROCESSING
2221Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
03Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
033Test or assess software
G06F 2221/2113
GPHYSICS
06COMPUTING; CALCULATING; COUNTING
FELECTRIC DIGITAL DATA PROCESSING
2221Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
2113Multi-level security, e.g. mandatory access control
Applicants
  • SIFIVE, INC. [US]/[US]
Inventors
  • ASANOVIC, Krste
  • WATERMAN, Andrew
Agents
  • BASILE, JR., Andrew R.
  • KNIGHT, Michelle L.
Priority Data
16/362,12122.03.2019US
62/787,24831.12.2018US
Publication Language English (EN)
Filing Language English (EN)
Designated States
Title
(EN) SECURE PREDICTORS FOR SPECULATIVE EXECUTION
(FR) PRÉDICTEURS SÉCURISÉS POUR EXÉCUTION SPÉCULATIVE
Abstract
(EN)
Systems and methods are disclosed for secure predictors for speculative execution. Some implementations may eliminate or mitigate side-channel attacks, such as the Spectre-class of attacks, in a processor. For example, an integrated circuit for executing instructions includes a predictor circuit that, when operating in a first mode, uses data stored in a set of predictor entries to generate predictions. For example, the integrated circuit may be configured to: detect a security domain transition for software being executed by the integrated circuit; responsive to the security domain transition, change a mode of the predictor circuit from the first mode to a second mode and invoke a reset of the set of predictor entries, wherein the second mode prevents the use of a first subset of the predictor entries of the set of predictor entries; and, after completion of the reset, change the mode back to the first mode.
(FR)
La présente invention concerne des systèmes et des procédés destinés à des prédicteurs sécurisés pour exécution spéculative. Certains modes de réalisation peuvent éliminer ou atténuer des attaques par canaux auxiliaires, telles que la classe d'attaques Spectre, dans un processeur. Par exemple, un circuit intégré destiné à exécuter des instructions comprend un circuit prédicteur qui, lorsqu'il fonctionne dans un premier mode, utilise des données stockées dans un ensemble d'entrées de prédicteur pour générer des prédictions. Par exemple, le circuit intégré peut être configuré pour : détecter une transition de domaine de sécurité pour un logiciel en train d'être exécuté par le circuit intégré ; en réponse à la transition de domaine de sécurité, changer un mode du circuit prédicteur, du premier mode à un second mode, et appeler une réinitialisation de l'ensemble d'entrées de prédicteur, le second mode empêchant l'utilisation d'un premier sous-ensemble des entrées de prédicteur de l'ensemble d'entrées de prédicteur ; et après achèvement de la réinitialisation, changer le mode pour retourner au premier mode.
Also published as
Latest bibliographic data on file with the International Bureau