Path Sensitive Signatures for Control Flow Error Detection

Transistors' performance has been improving by shrinking feature sizes, lowering voltage levels, and reducing noise margins. However, these changes also make transistors more vulnerable and susceptible to transient faults. As a result, transient fault protection has become a crucial aspect of designing reliable systems. According to previous research, it is about 2.5x harder to mask control flow errors than data flow errors, making control flow protection critical. In this paper, we present Path Sensitive Signatures (PaSS), a low overhead and high fault coverage software method to detect illegal control flows. PaSS targets off-the-shelf embedded systems and combines two different methods to detect control flow errors that incorrectly jump to both nearby and faraway locations. In addition, it provides a lightweight technique to protect inter-procedural control flow transfers including calls and returns. PaSS is evaluated on the SPEC2006 benchmarks. The experimental results demonstrate that with the same level of fault coverage, PaSS only incurs 15.5% average performance overhead compared to 64.7% overhead incurred by the traditional signature-based technique. PaSS can also further extend fault coverage by providing inter-procedural protection at an additional 3.6% performance penalty.
