新たな高信頼アーキテクチャに向けた研究 A First Step Towards A Novel Dependable Architecture MTL 坂井・五島研究室 修士1年 46424 豊島 隆志 MTL 坂井・五島研究室 Contents Background A Novel Architecture – Overview – Details Code Translation – History – Consideration Ideas for Dependability Future Works MTL 坂井・五島研究室 Background – Requirements and Adhoc supplies Dependability Requirements – Reliability, Availability ,Serviceability (RAS) Studies of Architecture Level Support – Academic studies Architecture Support for Defending Against Buffer Overflow Attacks; Jun Xu and Zbigniew Kalbarczyk and Sanjay Patel and Ravishankar K. Iyer; Proceedings of 2nd Workshop on Evaluating and Architecting System dependabilitY (EASY), 2002 Enlisting Hardware Architecture to Thwart Malicious Code Injection; Ruby B. Lee and David K. Karig and John P. McGregor and Zhijie Sh; Proceedings of 1st International Conference on Security in Pervasive Computing (SPC), 2003 A Processor Architecture Defense against Buffer Overflow Attacks; John P. McGregor and David K. Karig and Zhijie Shi and Ruby B. Lee; Proceedings of IEEE International Conference on Information Technology: Research and Education (ITRE), 2003 – Commercial products ARM SecureCore SmartMIPS ASE IA-32 NXBit Symptomati c and Imperfect MTL 坂井・五島研究室 Contents Background A Novel Architecture – Overview – Details Code Translation – History – Consideration Ideas for Dependability Future Works MTL 坂井・五島研究室 A Novel Architecture - Overview Translated Instruction Translation Cache Translation Request Invalidation Instruction Translation Unit (TU) Data Control Execution Unit (EU) Data & Tag Tag Data Cache Tag Memory Data Main Bus Main Memory Instructions for Virtual Machine (VM) MTL 坂井・五島研究室 A Novel Architecture – Details : Execution Unit Translated Instruction Execution Unit (EU) Translation Cache Translation Request Invalidation Instruction Translation Unit (TU) – Access to Data Data Cache Main Memory and Tag Memory Execution Unit (EU) Data & Tag Tag – Access to Instruction Data Cache Tag Memory Data Translation Cache Main Memory Instructions for Virtual Machine (VM) MTL 坂井・五島研究室 A Novel Architecture – Details : Translation Unit Translated Instruction Translation Unit (TU) – Binary Translation From ISA for VM To ISA for EU – Organization Translation Cache Translation Request Invalidation Instruction Translation Unit (TU) Execution Unit (EU) Data & Tag Tag Data Cache Hardware Processor Translation Software – Rapid Translation – Optimization of Translation Cache Tag Memory Data Main Memory Instructions for Virtual Machine (VM) MTL 坂井・五島研究室 Contents Background A Novel Architecture – Overview – Details Code Translation – History – Consideration Ideas for Dependability Future Works MTL 坂井・五島研究室 Code Translation - History : microprogrammed control IBM System/360 – At April 7, 1964 ROM Op.Code Instruction Control Memory Address Microprogram for Op.X Microprogram for Op.Y Sequencer Motorola MC680x0 – nanoprogram – nanoarchitecture Microprogram for Op.Z Micro architecture Control Memory (CM) MTL 坂井・五島研究室 Code Translation - History : Pentium4 (NetBurst) System Bus Frequently used paths Bus Unit Less frequently used paths 3rd Level Cache (Optional) 2nd Level Cache (8-Way) 1st Level Cache (4-Way) Front End Fetch/Decode Trace Cache Microcode ROM BTBs/Branch Prediction Execution Out-Of-Order Core Branch History Update Retirement MTL 坂井・五島研究室 Code Translation - History : Crusoe/Efficeon Memory System Fetch convert IA-32 Inst. A IA-32 Inst. B IA-32 Inst. C IA-32 Inst. D Atom VLIW Inst. Aa VLIW Inst. Ab VLIW Inst. Ba VLIW Inst. Ca VLIW Inst. Cb VLIW Inst. Da Molecule Light Optimization Inst. Aa Inst. Ab Inst. Ba Inst. Cb Inst. Da Inst. Aa Inst. Ab Inst. Ba Inst. Cb pack Inst. Da ・・・ Hot Spot Core Morphing Software Maximum Optimization & Cache VLIW Execution core MTL 坂井・五島研究室 Code Translation - History : Itanium series IA-32 Execution Layer (IA-32 EL) IA-64 IA-32 IA-32 Application Application Application IA-32 Application Runtime Information Cold Code Translation IA-32 Decoder Hot Code Translation Hot Spot Runtime Information Operation System On Execution Time Optimizer IA-32 Execution Layer Translated Code Block IA-64 VLIW core Cache Translation and Runtime Information MTL 坂井・五島研究室 Code Translation - History : Parrot Fetch Selector Branch Predict I-Cache Trace Predict Trace Cache Trace Fill Cold Exec Hot Filter Trace Select Synchronized Commit Optimizer Hot Exec Blazing Filter MTL 坂井・五島研究室 Code Translation - Considerations Requirements – ISA for Software (ISAS) High Level Language oriented More Information with Instructions – For Dynamic Optimizations • Performance & Reduced Power Supply – For Dynamic Validations • Dependability – ISA for Hardware (ISAH) Design Level Optimization – Fixed ISA restricts Hardware Design Impact – Answer the Above Requirements MTL 坂井・五島研究室 Contents Background A Novel Architecture – Overview – Details Code Translation – History – Consideration Ideas for Dependability Future Works MTL 坂井・五島研究室 Ideas for Dependability – Call Stack Protection Return Address Stack is divided from Common Stack – Permission to touch Return Address Stack is limited to … Call instruction (tacit push) Return instruction (tacit pop) Specified Push/Pop instructions for Return Address Stack – Only address value can be pushed into Return Address Stack Local Variables of Function int a; Local Variables of Function int b; char buffer[1024]; Stack Frame of Function int a; Stack Frame of Function int b; return address return address char buffer[1024]; MTL 坂井・五島研究室 Ideas for Dependability – Boundary Check Acceleration Register relative indexed addressing – Load a1, r2 – Store r1, a2 ; if (i2 > b2) raise exception else a1←(a2+i2) ; if (i1 > b1) raise exception else (a1+i1)←a2 Load Reference – Load r1, r2 ; a1←(a2+i2), b1←1(a2+i2) memory a1 b1 a1+i1 If (i1 > b1) Index reg. Boundary reg. a1 i1 b1 a2 i2 b2 a3 i3 b3 a4 i4 b4 … … … raise exception Address reg. MTL 坂井・五島研究室 Ideas for Dependability – Data Tagging Every data is tagged based on data types – Types Instruction Address Value Reference (A Pair of Address and Value) NULL – Tag value is updated by specified instructions – ALU update tags automatically after calculation – If PC points a data which is not tagged as instruction, the execution of program is stopped – When data is tagged as instruction, T$ is invalidated MTL 坂井・五島研究室 Contents Background A Novel Architecture – Overview – Details Code Translation – History – Consideration Ideas for Dependability Future Works MTL 坂井・五島研究室 Feature Works Model of Undependability – Human error leading mechanisms – Essential Realization of Dependable Mechanisms On ISAH or ISAS? – Which should we implement dependable mechanisms on More Specification – Details of Execution Unit – Outline of Translation Unit How Evaluate – SPEC, IPC, … MTL 坂井・五島研究室 COMING SOON MTL 坂井・五島研究室 Background (1) – Moore's Law Moore's Law – Cramming more components onto integrated circuits; Gordon E. Moore; Electronics, Volume 38, Number 8, April 19, 1965 The Limits of Moore's Law – No Exponential Is Forever: But “Forever” Can Be Delayed!; Gordon E. Moore; IEEE International Solid-State Circuits Conference 2003 – Limits to binary logic switch scaling – a gedanken model; V.V.Cavin, R.K. Cavin III, J.A.Hutchby, G.I.Bourianoff; Proceedings of The IEEE Volume 91, Issue 11, Nov 2003, p1934-1939 … 16nm – No end in sight for Moore's Law; Craig Barrett(Intel CEO) ; Intel Developer Fortum Spring 2005 Keynote Speech … 5nm MTL 坂井・五島研究室 Translated Instruction Translation Cache Translation Request Invalidation Instruction Translation Unit (TU) Execution Unit (EU) Data & Tag Tag Data Cache Tag Memory Data Main Bus Main Memory Instructions for Virtual Machine (VM) MTL 坂井・五島研究室 ROM Instruction Op.Code Control Memory Address Microprogram for Op.X Microprogram for Op.Y Microprogram for Op.Z Micro architecture Control Memory (CM) MTL 坂井・五島研究室 System Bus Frequently used paths Bus Unit Less frequently used paths 3rd Level Cache (Optional) 2nd Level Cache (8-Way) 1st Level Cache (4-Way) Front End Fetch/Decode Trace Cache Microcode ROM BTBs/Branch Prediction Execution Out-Of-Order Core Branch History Update Retirement MTL 坂井・五島研究室 Memory System Fetch convert IA-32 Inst. A IA-32 Inst. B IA-32 Inst. C IA-32 Inst. D Atom VLIW Inst. Aa VLIW Inst. Ab VLIW Inst. Ba VLIW Inst. Ca VLIW Inst. Cb VLIW Inst. Da Molecule Light Optimization Inst. Aa Inst. Ab Inst. Ba Inst. Cb Inst. Da Inst. Aa Inst. Ab Inst. Ba Inst. Cb pack Inst. Da ・・・ Hot Spot Core Morphing Software Maximum Optimization & Cache VLIW Execution core MTL 坂井・五島研究室 IA-64 IA-32 IA-32 Application Application Application IA-32 Execution Layer Operation System IA-32 Decoder IA-64 VLIW core MTL 坂井・五島研究室 IA-32 Application Cold Code Translation Runtime Information Hot Code Translation Runtime Information Hot Spot On Execution Time Optimizer Translated Code Block Cache Translation and Runtime Information MTL 坂井・五島研究室 Fetch Selector Branch Predict I-Cache Trace Predict Trace Cache Trace Fill Cold Exec Hot Filter Trace Select Synchronized Commit Optimizer Hot Exec Blazing Filter MTL 坂井・五島研究室 Address reg. Index reg. Boundary reg. a1 i1 b1 a2 i2 b2 a3 i3 b3 a4 i4 b4 … … … memory a1 b1 a1+i1 If (i1 > b1) raise exception MTL 坂井・五島研究室 Translated Instruction Translation Cache Translation Request Invalidation Instruction Translation Unit (TU) Execution Unit (EU) Data & Tag Tag Data Cache Tag Memory Data Main Memory Instructions for Virtual Machine (VM)
© Copyright 2024 ExpyDoc
