26 research outputs found

    A Security Verification Template to Assess Cache Architecture Vulnerabilities

    No full text
    In the recent years, cache based side-channel attacks have become a serious threat for computers. To face this issue, researches have been looking at verifying the security policies. However, these approaches are limited to manual security verification and they typically work for a small subset of the attacks. Hence, an effective verification environment to automatically verify the cache security for all side-channel attacks is still missing. To address this shortcoming, we propose a security verification methodology that formally verifies cache designs against cache side-channel vulnerabilities. Results show that this verification template is a straightforward, automated method in verifying cache invulnerability.Accepted author manuscriptComputer EngineeringQuantum & Computer Engineerin

    Survey on Architectural Attacks: A Unified Classification and Attack Model

    No full text
    According to the World Economic Forum, cyberattacks are considered as one of the most important sources of risk to companies and institutions worldwide. Attacks can target the network, software, and/or hardware. Over the years, much knowledge has been developed to understand and mitigate cyberattacks. However, new threats have appeared in recent years regarding software attacks that exploit hardware vulnerabilities. This article defines these attacks as architectural attacks. Today, both industry and academia have only limited comprehension of architectural attacks, which represents a critical issue for the design of future systems. To this end, this work proposes a new taxonomy, a new attack model, and a complete survey of existing architectural attacks. As a result, it provides the tools to understand architectural attacks in more depth and to start building improved designs and protection mechanisms.Green Open Access added to TU Delft Institutional Repository ‘You share, we take care!’ – Taverne project https://www.openaccess.nl/en/you-share-we-take-care Otherwise as indicated in the copyright section: the publisher is the copyright holder of this work and the author uses the Dutch legislation to make this work public.Quantum & Computer Engineerin

    A clearing function based bid-price approach to integrated order acceptance and release decisions

    No full text
    In this paper, we consider the order acceptance and order release decisions of a manufacturer facing order-specific demand. In contrast to previous literature, both demand and production are stochastic. We develop a novel bid-price-based revenue management approach to solve this decision problem. The production system is modeled using clearing functions to capture the non-linear inter-dependency of workload and lead times in stochastic production systems. In extant literature, a common approach to cope with variability in a production system is to introduce fixed, workload-independent lead times. We show in a numerical study that our newly developed approach based on clearing functions clearly outperforms this fixed lead time approach

    Revenue management in an assemble-to-order production system

    No full text
    In this paper, we consider demand management decisions for an assemble-to-order production system in which both the availability of intermediate material and assembly capacity are limited. For each incoming order, the manufacturer must decide whether to accept it and what due date to quote for an accepted order. The actual assembly dates are still subject to change after these decisions, and a production schedule must be maintained to guarantee that the quoted due dates are met. Therefore, the decisions on accepting orders and quoting due dates must be made with incomplete knowledge of the actual resources used to fulfill the orders. To address these factors, we model this situation and develop a novel revenue management approach using bid prices. An extensive numerical study demonstrates the good performance of the proposed approach in comparison with benchmark algorithms and an ex-post optimal solution applied over a wide range of different supply and demand scenarios. Our results suggest that the consideration of assembly capacity constraints is more vital than the consideration of intermediate material constraints in our test cases

    Revenue management approach to due date quoting and scheduling in an assemble-to-order production system

    No full text
    In this paper, we consider demand management decisions for an assemble-to-order production system in which both the availability of intermediate material and assembly capacity are limited. For each incoming order, the manufacturer must decide whether to accept it and what due date to quote for an accepted order. The actual assembly dates are still subject to change after these decisions, and a production schedule must be maintained to guarantee that the quoted due dates are met. Therefore, the decisions on accepting orders and quoting due dates must be made with incomplete knowledge of the actual resources used to fulfill the orders. To address these factors, we model this situation and develop a novel revenue management approach using bid prices. An extensive numerical study demonstrates the good performance of the proposed approach in comparison with benchmark algorithms and an ex-post optimal solution applied over a wide range of different supply and demand scenarios. Our results suggest that the consideration of assembly capacity constraints is more vital than the consideration of intermediate material constraints in our test cases

    LiD-CAT: A Lightweight Detector for Cache ATtacks

    No full text
    Cache attacks are one of the most wide-spread and dangerous threats to embedded computing systems' security. A promising approach to detect such attacks at runtime is to monitor the System-on-Chip (SoC) behavior. However, designing a secure SoC capable of detecting such attacks is very challenging: the monitors should be lightweight in order to avoid excessive power/energy and area costs and the attack behavior should be clearly known upfront. In this work, we present LiD-CAT, a lightweight and flexible hardware detector that is aware of leakage patterns that can be used by attackers to perform cache based attacks. LiD-CAT is a cache wrapper that implements a set of leakage properties derived from cache attacks and cache models using templates. These templates identify suspicious behavior that may lead to cache attacks. LiD-CAT is evaluated using two different cache architectures, one with a secure cache and one without. On each of them, SPEC2000 benchmarks are run together with malicious applications that execute cache attacks (i.e., Evict+Time, Prime+Probe, Flush+Reload and Flush+Flush). Results show that our lightweight detector successfully detects 99.99% of the attacks with less than 1% false-positives, has no timing penalties, and increases the area of a SoC with only 1.6%.Accepted author manuscriptComputer EngineeringQuantum & Computer Engineerin

    Software-Based Mitigation for Memory Address Decoder Aging

    No full text
    Integrated circuits typically contain design margins to compensate for aging. As aging impact increases with technology scaling, bigger margins are necessary to achieve the desired reliability. However, these increased margins lead to a reduced performance and lower yield. Alternatively, mitigation schemes can be deployed to reduce the aging. This paper proposes a software-based method to mitigate the aging of the memory's address decoder logic due to Bias Temperature Instability. The method is based on periodically applying a rejuvenation application on top of a user application. The goal of the rejuvenation application is to recover aged transistors of the critical paths of the address decoder. The experimental results show that the proposed method significantly reduces aging in cases when applications consist of memory access patterns that result in an unbalanced stress in the address decoder logic. In particular, it reduces the degradation of the address decoder's setup delay by up to 43% with an execution overhead of only 1%.Accepted Author ManuscriptComputer EngineeringQuantum & Computer Engineerin

    Revenue management in a multi-stage make-to-order production system

    No full text
    In the present paper, we consider the demand management decisions of a manufacturer facing stochastic demand. While in the previous literature, either the order release decisions are fixed upon arrival or a single-stage production environment is assumed, we make online order acceptance and order release decisions in a multi-stage production system. After describing the problem formally as a stochastic dynamic program, we develop a bid-pricebased revenue management approach in which the order acceptance and order release decisions are made based on previously computed bid prices and feasibility according to a linear program describing the multi-stage production system. A numerical study shows the good performance of the approach compared to an ex-post optimal solution in various supply and demand settings as well as the benefits relative to existing models, which work under simplifying assumptions
    corecore