@COMMENT This file was generated by bib2html.pl <https://sourceforge.net/projects/bib2html/> version 0.94
@COMMENT written by Patrick Riley <http://sourceforge.net/users/patstg/>
@COMMENT This file came from Sanjit Seshia's publication pages at http://www.eecs.berkeley.edu/~sseshia
@inproceedings{godbole-ccs24,
author = {Adwait Godbole and
Yatin A. Manerkar and
Sanjit A. Seshia},
title = {SemPat: From Hyperproperties to Attack Patterns for Scalable Analysis of Microarchitectural Security},
booktitle = {Proceedings of the 31th ACM Conference on Computer and Communications Security (CCS)},
OPTpages = {1--10},
publisher = {{ACM}},
year = {2024},
abstract = {Microarchitectural security verification of software has seen the emergence of two broad classes of approaches. The first uses non-interference-based semantic security properties which are verified for a given program and a given model of the hardware microarchitecture. The second is based on attack patterns, which, if found in a program execution, indicates the presence of an exploit. We observe that while the former uses a formal specification that can capture several gadget variants targeting the same vulnerability, it is limited by the scalability of verification. Patterns, while more scalable, must be currently constructed manually, as they are narrower in scope and sensitive to gadget-specific structure.
<p>
This work develops a technique that, given a non-interference-based semantic security hyperproperty, automatically generates attack patterns up to a certain complexity parameter (called the skeleton size). Thus, we combine the advantages of both approaches: security can be specified by a hyperproperty that uniformly captures several gadget variants, while automatically generated patterns can be used for scalable verification. We implement our approach in a tool and demonstrate the ability to generate new patterns, (e.g., for SpectreV1, SpectreV4) and improved scalability using the generated patterns over hyperproperty-based verification.},
}