SORS: MI6: Secure Enclaves in a Speculative Out-of-Order Processor

Date: 16/Oct/2019 Time: 11:00


Sala d'actes de la FiB (Campus Nord)

Primary tabs


Click here to download the presentation

Abstract: MI6 is an aggressive, speculative out-of-order processor to support Secure Enclaves, which restore  the process isolation guarantees broken by recent attacks exploiting microarchitectural sidechannels.Our threat model includes an untrusted OS and an attacker capable of mounting any software attack currently considered practical, including control flow speculation attacks such as Spectre. We model the performance impact of the hardware and software mechanisms added to support enclaves in MI6 through FPGA emulation on AWS F1 FPGAs by running SPEC CINT2006 benchmarks on top of an untrusted Linux OS. Security comes at the cost of 16.7% average slowdown for protected programs (MICRO 2019). Our open-source implementation will be auditable by the architecture and the security communities down to the hardware source code.

This work is done by Thomas Bourgeat, Ilia Lebedev, Andrew Wright, and Sizhuo Zhang under the supervision of Professor Srinivas Devadas and myself.
Short bio: Arvind is the Johnson Professor of Computer Science and Engineering at MIT. Arvind’s group, in collaboration with Motorola, built the Monsoon dataflow machines and its associated software in the late eighties. In 2000, Arvind started Sandburst which was sold to Broadcom in 2006. In 2003, Arvind cofounded Bluespec Inc., an EDA company to produce a set of tools for highlevel synthesis. Arvind's current research focus is to enable rapid development of embedded systems. Arvind is a Fellow of IEEE and ACM, and a member of the National Academy of Engineering and the American Academy of Arts and Sciences.


Arvind is the Johnson Professor of Computer Science and Engineering at MIT.