The Intel 80×86 processor architecture: pitfalls for secure systems

An in-depth analysis of the 80×86 processor families identifies architectural properties that may have unexpected, and undesirable, results in secure computer systems. In addition, reported implementation errors in some processor versions render them undesirable for secure systems because of potential security and reliability problems. We discuss the imbalance in scrutiny for hardware protection mechanisms relative to software, and why this imbalance is increasingly difficult to justify as hardware complexity increases. We illustrate this difficulty with examples of architectural subtleties and reported implementation errors.
