editor's blog
Subscribe Now

Cache Clunker

We all know that server computing and embedded computing are different for lots of reasons, many of which can be summed up in one word: budget. Memory budget, performance budget, cost budget, etc. In other words, embedded systems have tight budgets, servers (and desktops and laptops) don’t. Much.

But occasionally something whacks you across the head in terms of the difference. Not long ago, there was an announcement out of MIT about a way to disguise memory access patterns for security. The deal is that, even when you’ve taken careful measures to encrypt data and otherwise keep prying eyes from snooping what’s being computed, those eyes can still monitor your memory accesses and learn too much. Hard to imagine, but apparently people way smarter than I am have shown this.

To be clear, this is positioned as an issue for cloud computing, where a set of resources may be handling delicate computing for many unrelated customers; because they share processors or memory or something, there’s the potential for, well, let’s say peeking at your neighbor’s exam paper.

Fundamental to this is the idea that multiple unrelated processes are running, something that doesn’t generally apply to embedded systems. However, if monitoring memory accesses can give away secrets, then that could still occur in an embedded device – its’ just that it might be someone breaking the thing apart and probing rather than some other co-resident process.

The solution proposed was to put an intervening piece of hardware in the memory access path. Each accessed memory address is placed in a tree, and when that memory is accessed, every address along its branch of the tree is accessed also. Then, after that, the address you really wanted is randomly swapped with some other address in the tree so that, the next time you access it, you’re traversing a totally different set of addresses.

In this manner, you’re completely shuffling your memory access patterns, making it hard (impossible?) to tell what’s going on if all you are watching is memory access.

The reason this smacked me on the head was thinking about the amount of work embedded designers go through to align memory carefully so that it packs nicely into the cache, minimizing misses and getting the most bang for each access. I struggle to think what this secure process (called “Ascend”) would do to a well-behaved cache.

Oh, and the other clue that we’re not thinking “embedded” with this? The performance hit is “only” 3-4X. To be fair, this is contrasted with other security ideas that apparently placed a 100X burden on access performance, and there’s no doubt that 3-4 is better than 100. But some embedded designers would give their left… eyeball to pick up 30-50% performance with one step.

I don’t know if there’s any way to map this idea into something more embedded-friendly; it’s intellectually interesting, and I’m not scoffing at its potential in the cloud, but unless I’m missing something (and comment below if I am), I’m not expecting this to come to a printer near me anytime soon. (And, again, to be fair, no one has suggested it should.)

You can find more in their release.

7 thoughts on “Cache Clunker”

  1. Pingback: 123movies
  2. Pingback: jogos friv
  3. Pingback: DMPK Testing
  4. Pingback: iraqi geometry

Leave a Reply

featured blogs
Dec 4, 2023
The OrCAD X and Allegro X 23.1 release comes with a brand-new content delivery application called Cadence Doc Assistant, shortened to Doc Assistant, the next-gen app for content searching, navigation, and presentation. Doc Assistant, with its simplified content classification...
Nov 27, 2023
See how we're harnessing generative AI throughout our suite of EDA tools with Synopsys.AI Copilot, the world's first GenAI capability for chip design.The post Meet Synopsys.ai Copilot, Industry's First GenAI Capability for Chip Design appeared first on Chip Design....
Nov 6, 2023
Suffice it to say that everyone and everything in these images was shot in-camera underwater, and that the results truly are haunting....

featured video

Dramatically Improve PPA and Productivity with Generative AI

Sponsored by Cadence Design Systems

Discover how you can quickly optimize flows for many blocks concurrently and use that knowledge for your next design. The Cadence Cerebrus Intelligent Chip Explorer is a revolutionary, AI-driven, automated approach to chip design flow optimization. Block engineers specify the design goals, and generative AI features within Cadence Cerebrus Explorer will intelligently optimize the design to meet the power, performance, and area (PPA) goals in a completely automated way.

Click here for more information

featured webinar

Rapid Learning: Purpose-Built MCU Software Tools for Data-Driven Embedded IoT Systems

Sponsored by ITTIA

Are you developing an MCU application that captures data of all kinds (metrics, events, logs, traces, etc.)? Are you ready to reduce the difficulties and complications involved in developing an event- and data-centric embedded system? This webinar will quickly introduce you to excellent MCU-specific software options for developing your next-generation data-driven IoT systems. You will also learn how to recognize and overcome data management obstacles. Register today as seats are limited!

Register Now!

featured chalk talk

dsPIC33CH DSCs: Two dsPIC33Cs on a Single Chip
Sponsored by Mouser Electronics and Microchip
In this episode of Chalk Talk, Vijay Bapu from Microchip and Amelia Dalton explore the benefits of dual core digital signal controllers. They discuss the key specifications to keep in mind when it comes to single core and dual core DSCs and how you can reduce your development time, save board space and cost and keep the performance and isolation you need with Microchip’s dsPIC33CH DSCs.
Jan 24, 2023
37,116 views