
Practical systems for overcoming processor imperfections

by Matthew Hicks




Institution: University of Illinois – Urbana-Champaign
Department:
Year: 2013
Keywords: malicious circuits
Record ID: 2005291
Full text PDF: http://hdl.handle.net/2142/44361


Abstract

Processors are not perfect. Even the most modern, thoroughly verified processors contain imperfections. Processor imperfections, being in the lowest layer of the system, not only pose a significant problem for software developers during design and debug, but also serve as weaknesses to the security mechanisms implemented in upper layers. With such a pervasive impact on computing systems, it is vital that processor vendors address these imperfections in a way that maintains the abstraction of a perfect processor promised to software developers.

This thesis proposes SoftPatch, a software-based mechanism for recovering from processor imperfections that preserves the perfect-processor abstraction promised to software developers. By combining the low detection latency of hardware-implemented detectors with lightweight, formally verified software recovery routines, SoftPatch maintains the illusion of a perfect processor in the face of processor imperfections. SoftPatch uniquely leverages the insights that (1) most of a processor's functionality is thoroughly verified, i.e., free from imperfections, (2) the processor has redundant functionality, and (3) the processor pipeline acts as a checkpointing and rollback mechanism. By leveraging these insights, SoftPatch enables practical patching of processor imperfections. By reusing existing processor features, SoftPatch removes the unneeded complexity and overheads required by previous approaches while still managing to reinforce the perfect-processor abstraction.

To highlight SoftPatch's ability to recover from a range of processor imperfections and to show how systems can be built around SoftPatch, this dissertation presents the design and evaluation of two processor imperfection use cases, processor bugs and malicious processors. We implement detectors for each type of imperfection, one of which we design, and incorporate each use case's detector with SoftPatch into a complete detection and recovery system.

In general, experiments show that SoftPatch is practical and applicable to many sources of processor imperfections. Experiments with the processor bug use case, which we call Erratacator, show that Erratacator can detect all 16 of the implemented processor bugs and recover from 15. The costs of processor bug recovery are less than 10% hardware area overhead and no run time overhead in the case of monitoring a single bug. Processor bug experiments also show that by exposing the reliability trade-off to software, Erratacator can monitor several processor bugs simultaneously with overheads of less than 10%. Experiments with the malicious processor use case, which we call BlueChip, show that it is able to prevent all implemented hardware attacks, with no incursion on the software developer. Recovery from malicious processor test cases has a small run time overhead and approaching zero hardware area overhead.