CR · May 11, 2020

Validation of Abstract Side-Channel Models for Computer Architectures

arXiv:2005.05254v12 citations
AI Analysis

This work addresses the need for reliable side-channel analysis in computer security, particularly for modern architectures like ARMv8-A, though it is incremental as it builds on existing validation techniques.

The authors tackled the problem of validating abstract side-channel models for computer architectures by introducing Scam-V, a methodology and tool that combines symbolic execution and program generation to test models on real hardware, successfully identifying bugs and hidden microarchitectural behaviors in ARMv8-A data-cache models.

Observational models make tractable the analysis of information flow properties by providing an abstraction of side channels. We introduce a methodology and a tool, Scam-V, to validate observational models for modern computer architectures. We combine symbolic execution, relational analysis, and different program generation techniques to generate experiments and validate the models. An experiment consists of a randomly generated program together with two inputs that are observationally equivalent according to the model under the test. Validation is done by checking indistinguishability of the two inputs on real hardware by executing the program and analyzing the side channel. We have evaluated our framework by validating models that abstract the data-cache side channel of a Raspberry Pi 3 board with a processor implementing the ARMv8-A architecture. Our results show that Scam-V can identify bugs in the implementation of the models and generate test programs which invalidate the models due to hidden microarchitectural behavior.
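The experiment loop the abstract describes, as an added sketch that is not code from the paper or from Scam-V. Assumptions: the cache geometry, the two-load program, a simulated cache standing in for the Raspberry Pi 3 board, and random sampling standing in for the symbolic execution and relational analysis step. It shows a set-index model implemented with one index bit too few being invalidated, while the correct model survives.

```python
import random

LINE_BITS = 6   # assumed 64-byte cache lines
SET_BITS = 7    # assumed 128 sets in the simulated cache

def program(x0, x1):
    """Program under test (constructed): two loads, from x0 and from x0 + x1."""
    return [x0, x0 + x1]                     # trace of accessed addresses

def model_obs(trace, set_bits):
    """Observational model: only the set index of each access is visible."""
    return [(a >> LINE_BITS) & ((1 << set_bits) - 1) for a in trace]

def hardware_view(trace):
    """Stand-in for the board: which cache sets hold a line after the run."""
    return frozenset((a >> LINE_BITS) & ((1 << SET_BITS) - 1) for a in trace)

def equivalent_pair(rng, set_bits):
    """Two inputs the model cannot tell apart: same modelled index, other tag bits."""
    s1 = (rng.randrange(1 << 20), rng.randrange(1 << 12))
    # Flip only address bits above the index bits the model claims to observe.
    flip = rng.randrange(1, 1 << 8) << (LINE_BITS + set_bits)
    s2 = (s1[0] ^ flip, s1[1])
    assert model_obs(program(*s1), set_bits) == model_obs(program(*s2), set_bits)
    return s1, s2

def validate(set_bits, trials=200, seed=1):
    """Return the first input pair the hardware distinguishes, or None."""
    rng = random.Random(seed)
    for _ in range(trials):
        s1, s2 = equivalent_pair(rng, set_bits)
        if hardware_view(program(*s1)) != hardware_view(program(*s2)):
            return s1, s2                    # counterexample: model is unsound
    return None

if __name__ == "__main__":
    print("correct model (7 index bits):", validate(SET_BITS))
    print("buggy model   (6 index bits):", validate(SET_BITS - 1))
```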
