Automatic Inference of Hardware-Software Contracts for Open-Source Processors

Abstract:

Security of both hardware and software has always been an important concern, especially for applications handling sensitive information. In recent years, hardware has been threatened more and more by side-channel attacks.

At this point, hardware-software contracts could be a major improvement for microarchitectural security. Such contracts make it possible to specify the information that may leak through microarchitectural side channels at the level of the instruction set architecture (ISA), so that software developers, given such a contract, can ensure that sensitive data is protected by avoiding certain instructions or operations.

However, for most processors available today, the respective hardware-software contract has not been specified yet. While in the future it could be possible to incorporate hardware-software contracts in the design process of new hardware, finding a valid and meaningful contract for existing hardware is hard, even for simple designs.

This work presents an algorithm and its implementation that automatically generates a contract candidate for a given microarchitecture. It analyzes execution traces to determine which executions an adversary can distinguish and extracts the architectural differences that a possible contract would have to expose. These observations are collected and eventually allow a contract candidate to be computed.
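The following Python is an added illustration of the inference loop described above; it is not the thesis's implementation. It assumes a constructed three-instruction ISA (`load`, `add`, `br`), an adversary who observes the cache line of every load and the direction of every branch, and contract candidates that are sets of trace attributes; among candidates that separate every hardware-distinguishable pair, the one that distinguishes the fewest execution pairs is chosen.

```python
from itertools import combinations

# Constructed micro-ISA (assumption for this example): ("load", reg), ("br", reg), ("add", dst, src).
def execute(program, regs):
    """Return the architectural trace: one event dict per executed instruction."""
    regs, trace = dict(regs), []
    for ins in program:
        if ins[0] == "load":
            addr = regs[ins[1]]
            trace.append({"op": "load", "addr": addr, "line": addr // 64})
        elif ins[0] == "br":
            trace.append({"op": "br", "taken": regs[ins[1]] != 0})
        else:  # add
            regs[ins[1]] += regs[ins[2]]
            trace.append({"op": "add"})
    return trace

def hw_observe(trace):
    """Assumed adversary view: cache line of every load and direction of every branch."""
    return tuple((e.get("line"), e.get("taken")) for e in trace)

def contract_observe(trace, attrs):
    """Project the architectural trace onto the attributes a contract candidate exposes."""
    return tuple(tuple(e.get(a) for a in attrs) for e in trace)

def infer_contract(program, inputs):
    """Collect the pairs the hardware distinguishes, record the architectural attributes in
    which they differ, and return the weakest attribute set that separates every such pair."""
    traces = [execute(program, r) for r in inputs]
    observations = []  # (i, j, differing attributes) for each hardware-distinguishable pair
    for i, j in combinations(range(len(traces)), 2):
        if hw_observe(traces[i]) != hw_observe(traces[j]):
            diff = {a for x, y in zip(traces[i], traces[j])
                    for a in set(x) | set(y) if x.get(a) != y.get(a)}
            observations.append((i, j, diff))
    attrs = sorted({a for _, _, d in observations for a in d})
    candidates = []
    for k in range(len(attrs) + 1):
        for cand in combinations(attrs, k):
            # Soundness: every pair the hardware separates must be separated by the contract.
            if all(contract_observe(traces[i], cand) != contract_observe(traces[j], cand)
                   for i, j, _ in observations):
                # Precision: prefer the contract that distinguishes the fewest pairs overall.
                leaks = sum(contract_observe(traces[i], cand) != contract_observe(traces[j], cand)
                            for i, j in combinations(range(len(traces)), 2))
                candidates.append((leaks, k, cand))
    return min(candidates)[2], observations

# Constructed sample: one load whose address is secret, one branch on a secret condition.
PROGRAM = [("load", "r0"), ("add", "r0", "r1"), ("br", "r1")]
INPUTS = [{"r0": a, "r1": c} for a in (0, 8, 64) for c in (0, 1)]
```

On the sample, loads to addresses 0 and 8 share a cache line, so the inferred contract exposes `line` and `taken` rather than the full load address.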

© 2024 Gideon Mohr