Dongol, B., Griffin, M., Popescu, A. (ORCID 0000-0001-8747-0619) et al. (1 more author) (2024) Relative security: formally modeling and (dis)proving resilience against semantic optimization vulnerabilities. In: 2024 IEEE 37th Computer Security Foundations Symposium (CSF), 08-12 Jul 2024, Enschede, Netherlands. Institute of Electrical and Electronics Engineers (IEEE), pp. 403-418. ISBN 9798350362046. ISSN 1940-1434. EISSN 2374-8303.
Abstract
Meltdown and Spectre are transient execution vulnerabilities: an attacker exploits speculative execution (a semantic optimization present in most modern processors) to break confidentiality. We introduce relative security, a general notion of information-flow security that models this type of vulnerability by contrasting the leaks that are possible in a 'vanilla' semantics with those possible in a different semantics, often obtained from the vanilla semantics via some optimizations. We describe incremental proof methods, in the style of Goguen and Meseguer's unwinding, both for proving and for disproving relative security, and deploy these to formally establish the relative (in)security of some standard Spectre examples. Both the abstract results and the case studies have been mechanized in the Isabelle/HOL theorem prover.
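As an added illustration of the idea in the abstract (this is not the paper's own development, which is mechanized in Isabelle/HOL, and it is far simpler), the following Python toy contrasts a vanilla and a speculative semantics of the classic Spectre v1 gadget `if (i < N) y = T[A[i]]`. Everything concrete here is constructed for the example: the memory layout (a public array A followed directly by secret bytes), the observation model (the attacker sees only which cache lines the loads touch), the assumption that the branch predictor always guesses the bounds check passes, and the index-masking mitigation used as the "fixed" optimized semantics. "Relative security" is simplified to: every attacker input that distinguishes two secrets under the optimized semantics already distinguishes them under the vanilla semantics.

```python
# Toy model of relative security for a Spectre v1 gadget.
# Added example; not the paper's Isabelle/HOL formalization. All layouts,
# observation models and predictor behaviour below are constructed assumptions.

N = 4                       # length of the public array A (power of two, so masking works)
PUBLIC = (10, 20, 30, 40)   # constructed public contents of A
TABLE_BASE = 0x1000         # base of the probe array T; T[v] lands on "cache line" TABLE_BASE+v


def make_memory(secret):
    """Constructed layout: public A followed immediately by the secret bytes."""
    return PUBLIC + tuple(secret)


def gadget_vanilla(mem, i):
    """Vanilla semantics of `if (i < N) y = T[A[i]]`.
    The bounds check is respected, so only an in-bounds load can touch the cache."""
    if i < N:
        return (("load", TABLE_BASE + mem[i]),)
    return ()


def gadget_speculative(mem, i):
    """Optimized (speculative) semantics of the same gadget.
    Assumption: the predictor always takes the in-bounds path, so the transient
    loads A[i] and T[A[i]] execute before the mis-speculation is squashed and
    leave their cache footprint behind. An access past the end of memory faults
    and leaves no footprint."""
    if i < len(mem):
        return (("load", TABLE_BASE + mem[i]),)
    return ()


def gadget_masked(mem, i):
    """Speculative semantics of the hardened gadget
    `if (i < N) { i &= N-1; y = T[A[i]]; }` (index masking).
    The mask is a no-op when the check really passes, so the vanilla semantics is
    unchanged, but the transient load can now never leave A."""
    return (("load", TABLE_BASE + mem[i & (N - 1)]),)


def distinguishing_inputs(semantics, secrets, inputs):
    """Attacker inputs on which two different secrets yield different observations,
    i.e. the inputs through which `semantics` leaks something about the secret."""
    return {i for i in inputs
            if len({semantics(make_memory(s), i) for s in secrets}) > 1}


def relatively_secure(vanilla, optimized, secrets, inputs):
    """Simplified relative security: the optimized semantics leaks nothing that the
    vanilla semantics does not already leak on the same inputs."""
    return (distinguishing_inputs(optimized, secrets, inputs)
            <= distinguishing_inputs(vanilla, secrets, inputs))


def preserves_in_bounds_behaviour(optimized, secrets, inputs):
    """Sanity check on the 'optimization': on inputs that pass the bounds check,
    the optimized semantics must observe exactly what the vanilla one does."""
    return all(optimized(make_memory(s), i) == gadget_vanilla(make_memory(s), i)
               for s in secrets for i in inputs if i < N)


# Constructed secrets that differ only in the byte right after A, and an input
# range that covers in-bounds, out-of-bounds-but-mapped, and faulting indices.
SECRETS = [(1, 2, 3, 4), (9, 2, 3, 4)]
INPUTS = range(0, 12)

if __name__ == "__main__":
    print("vanilla leaks on:    ", distinguishing_inputs(gadget_vanilla, SECRETS, INPUTS))
    print("speculative leaks on:", distinguishing_inputs(gadget_speculative, SECRETS, INPUTS))
    print("masked leaks on:     ", distinguishing_inputs(gadget_masked, SECRETS, INPUTS))
    print("speculative relatively secure?", relatively_secure(gadget_vanilla, gadget_speculative, SECRETS, INPUTS))
    print("masked relatively secure?     ", relatively_secure(gadget_vanilla, gadget_masked, SECRETS, INPUTS))
```

Under these assumptions the vanilla gadget distinguishes no secrets, the unmitigated speculative gadget is distinguished by input 4 (the transient load of the first secret byte), so relative security fails, and the index-masked variant is relatively secure because the optimized semantics can no longer touch a secret-dependent cache line. The paper's notion is more general (arbitrary vanilla and optimized semantics, an attacker interacting over time, and unwinding-style proof rules); this toy only shows the shape of the comparison.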
Metadata

| Field | Value |
|---|---|
| Item Type | Proceedings Paper |
| Authors/Creators | Dongol, B.; Griffin, M.; Popescu, A. (ORCID 0000-0001-8747-0619); and 1 more author |
| Copyright, Publisher and Additional Information | © 2024 The Authors. Except as otherwise noted, this author-accepted version of a paper published in 2024 IEEE 37th Computer Security Foundations Symposium (CSF) is made available via the University of Sheffield Research Publications and Copyright Policy under the terms of the Creative Commons Attribution 4.0 International License (CC-BY 4.0), which permits unrestricted use, distribution and reproduction in any medium, provided the original work is properly cited. To view a copy of this licence, visit http://creativecommons.org/licenses/by/4.0/ Supplementary information: © 2024 The Author(s). For reuse permissions, please contact the Author(s). |
| Keywords | relative security; information flow security; Spectre; Meltdown; transient execution vulnerability; unwinding; Isabelle/HOL |
| Institution | The University of Sheffield |
| Academic Units | The University of Sheffield > Faculty of Engineering (Sheffield) > Department of Computer Science (Sheffield) |
| Funding Information | Engineering and Physical Sciences Research Council (EPSRC), grants EP/R025134/2 and EP/X015114/1 |
| Depositing User | Symplectic Sheffield |
| Date Deposited | 08 Sep 2025 14:34 |
| Last Modified | 08 Sep 2025 14:34 |
| Status | Published |
| Publisher | Institute of Electrical and Electronics Engineers (IEEE) |
| Refereed | Yes |
| Identification Number (DOI) | 10.1109/csf61375.2024.00027 |
| Open Archives Initiative ID (OAI ID) | oai:eprints.whiterose.ac.uk:231110 |