Funding Our Partners

Time Protection
aka Timing Channel Prevention

Aim

Design, implementation, evaluation and verification of black-box OS abstractions and mechanisms for time protection: the prevention of timing channels.

Overview

Micro-architectural timing channels result from competing access to shared, finite hardware resources. Sharing may be time-multiplexed (intra-core) or concurrent (inter-core).

Unauthorised information leakage is a violation of a system's security policy (see the background page for further explanation). Enforcing security is a primary responsibility of the operating system (OS); yet no contemporary, general-purpose OS has the means for preventing this violation. Our aim is to change this.

Our formally verified seL4 microkernel provably prevents other security violations, including through covert storage channels. This makes timing channels the last, fundamentally unsolved security problem in operating systems, and seL4 the ideal platform for solving it.

In particular, the OS must provide mandatory enforcement of timing-channel freedom, i.e. security enforcement must not depend on application cooperation. Mandatory enforcement is the only way to ensure that untrusted code operating on secret information does not leak it. Such code is commonplace: legacy software stacks running on untrustworthy mainstream OSes such as Linux, Macos or Windows, smartphone apps, browser plugins and server-provided Javascript routinely process confidential data. Furthermore, the use of gadgets in the Spectre attack has shown that even supposedly trustworthy code can be turned into a Trojan.

Hence we are looking for black-box OS-level mechanisms for providing temporary isolation. For spatial isolation such mechanisms are well-established, the core mechanism is memory protection. Here we are working on providing the corresponding temporal isolation, which we accordingly call time protection.

Approach

Our earlier investigations have shown that complete time protection is not possible on present hardware, hence solving this problem requires a hardware-software co-design approach. In other words: we need a new, security-oriented, hardware-software contract.

Consequently, we are pursuing a number of directions concurrently, with the ultimate aim of verified time protection.

OS mechanisms

We have designed and implemented (in seL4) fundamental time-protection mechanisms. These consist of:

• A new kernel clone mechanism that provides a policy-free way of setting up a system without any memory shared between security partitions (save a small number of kernel data structures that are accessed carefully to ensure deterministic execution). This eliminates any channels through a shared kernel image.

  Kernel cloning provides a way of identifying security-domain switches, thus informing the kernel at which context switches additional scrubbing operations are needed. This is a policy-free way of minimising isolation overheads.

• Security-partition switches that carefully reset all shared micro-architectural state, while making switch times completely deterministic, and in particular, independent of previous execution history.

• Mechanisms for partitioning lower-level caches, where flushing cost would be high and would not help if those caches are shared across cores. This employs page colouring, and extends to kernel code and data.

• Partitioning of interrupt sources, so the system is able to use interrupt-driven I/O, unlike classical separation kernels, which disable all interrupts and rely on high-overhead polled I/O.

We have demonstrated that these mechanisms are effective, to the degree that the hardware provides the right mechanisms for scrubbing or partitioning state. Please see the downloads page for accessing the relevant artefacts.

OS abstractions

Having developed seL4 mechanisms able to provide time protection, we now are working on suitable abstractions that integrate with the existing seL4 model, in particular the new scheduling-context capabilities that provide a principled treatment of time as a resource, with the aim of supporting mixed-criticality real-time systems.

Our aim is a similarly principled model that combines both types of temporal isolation, temporal integrity for real time, and temporal confidentiality for security.

Hardware-software contract

• We have defined the high-level properties of the HW-SW contract that the OS needs to provide time protection.
• Our collaborators at ETH Zurich have designed, implemented (on RISC-V) a simple and easy-to-implement hardware support mechanism in the form of the fence.t instruction. Their evaluation shows that the instruction is an effective and low-overhead mechanism for implementing time protection.
• A RISC-V task group is looking at adding this to the RISC-V ISA.

Verifying time protection

We are working on proving that our system provides complete time protection. This will require formally specifying the hardware-software contract (at as abstract a level as possible), including formally defining partitionable vs flushable hardware resources.

Specifically we are working on a operational specification of the required properties, so that time protection can be verified as a functional-correctness property without explicit reasoning about time. This approach will allow us to extend seL4's existing proofs of information flow security to also provide assurance about timing channels.

Our collaborators at PlanV will be formally verifying the implementation of the fence.t instruction.

Support

Time protection is financially supported by the German Cyberagentur under the Ecosystem formally verifiable IT – Provable cybersecurity (EvIT) program as part of the PISTIs-V Project.

It was previously supported by grants from the Australian Research Council (ARC) and from US Air Force the Asian Office for Aerospace Research and Development (AOARD).

Collaboration

We are partnered with:

• Munich-based PlanV on verifying the hardware implementation of fence.t
• The PULP team at the Integrated Systems Lab of ETH Zurich on the design of hardware-support mechanisms (such as fence.t).

News

• 25-12: Sai Nair, Thomas Liang and Varun Sethu completed honours theses in time protection topics.
  • Sai and Thomas developed better ways to assert and prove bounding of touched addresses down to seL4's C specification.
  • Varun implemented and evaluated new time-protected cross-domain mechanisms for seL4 notifications and shared memory.
• 25-01-20: Cyberagentur announces funding for the PISTIs-V project. Our time protection work, which was on hold since the ARC funding ran out, is being restarted as part of PISTIs-V — stay tuned!
• 22-11: Our paper on our Isabelle/HOL formalisation of time protection has been accepted by FM 2023.
• 21-02: Our joint paper with ETH reporting the prototype implementation and evaluation of hardware support for time protection wins the Best Paper Award at DATE.
• 19-07: Gernot Heiser wins a grant from the AOARD as further support for verifying time protection.
• 19-04: Our paper reporting the implementation and evaluation of time protection wins the Best Paper Award at EuroSys.
• 18-11: Gernot Heiser, Toby Murray and Gerwin Klein won a 3-year (2019–2021) Discovery Grant from the ARC for verifying time protection.
• 18-08: Our paper introducing the concept of time protection wins the Best Paper Award at APSys.
• 18-04: We undertook a comprehensive analysis of microarchitectural timing channels on multiple Intel and ARM processors and the effectiveness of hardware-provided defences.

Contacts

• Gernot Heiser, gernot<at>unsw.edu.au (Systems)
• Rob Sison, r.sison<at>unsw.edu.au (Verification)

People

Publications

2025

Sai Nair Updating L4v invariants to aid time protection proofs BSc(Hons) Thesis, School of Computer Science and Engineering, Sydney, Australia, November, 2025

2024

		Nils Wistoff, Gernot Heiser and Luca Benini fence.t.s: Closing timing channels in high-performance out-of-order cores through ISA-supported temporal partitioning International Conference on Applications in Electronics Pervading Industry, Environment and Society (ApplePies), Turin, IT, September, 2024
		Nils Wistoff, Robert Balas, Alessandro Ottaviano, Gernot Heiser and Luca Benini ISA support for hardware resource partitioning in RISC-V RISC-V Summit Europe, Munich, DE, June, 2024

2023

		Marcelo Orenes-Vera, Hyunsung Yun, Nils Wistoff, Gernot Heiser, Luca Benini, David Wentzlaff and Margaret Martonosi AutoCC: Automatic discovery of covert channels in time-shared hardware International Symposium on Microarchitecture (MICRO), Toronto, ON, CA, October, 2023
		Robert Sison, Scott Buckley, Toby Murray, Gerwin Klein and Gernot Heiser Formalising the prevention of microarchitectural timing channels by operating systems International Symposium on Formal Methods (FM), Lübeck, DE, March, 2023
		Scott Buckley, Robert Sison, Nils Wistoff, Curtis Millar, Toby Murray, Gerwin Klein and Gernot Heiser Proving the absence of microarchitectural timing channels arXiv preprint arXiv:2310.17046, 2023
		Nils Wistoff, Moritz Schneider, Frank Gürkaynak, Gernot Heiser and Luca Benini Systematic prevention of on-core timing channels by full temporal partitioning IEEE Transactions on Computers, Volume 72, Number 5, pp. 1420–1430, 2023

2021

Nils Wistoff, Moritz Schneider, Frank Gürkaynak, Luca Benini and Gernot Heiser Microarchitectural timing channels and their prevention on an open-source 64-bit RISC-V core Design, Automation and Test in Europe (DATE), virtual, February, 2021 Best Paper Award

2020

		Gernot Heiser, Toby Murray and Gerwin Klein Towards provable timing-channel prevention ACM Operating Systems Review, Volume 54, Issue 1, pp. 1-7, August, 2020
		Nils Wistoff, Moritz Schneider, Frank Gürkaynak, Luca Benini and Gernot Heiser Prevention of microarchitectural covert channels on an open-source 64-bit RISC-V core Workshop on Computer Architecture Research with RISC-V (CARRV), Valencia, Spain, May, 2020
		Gernot Heiser, Gerwin Klein and June Andronick seL4 in Australia: From research to real-world trustworthy systems Communications of the ACM, Volume 63, Issue 4, pp. 72-75, April, 2020
		Gernot Heiser Verified seL4 on secure RISC-V processors at linux.conf.au, Gold Coast, January, 2020

2019

		Qian Ge Principled elimination of microarchitectural timing channels through operating-system enforced time protection PhD Thesis, UNSW, Sydney, Australia, October, 2019
		Gernot Heiser Security needs a better hardware-software contract Invited talk at Design Automation Conference (DAC), Las Vegas, NV, USA, June, 2019
		Gernot Heiser, Gerwin Klein and Toby Murray Can we prove time protection? Workshop on Hot Topics in Operating Systems (HotOS), pp. 23-29, Bertinoro, Italy, May, 2019
		Qian Ge, Yuval Yarom, Tom Chothia and Gernot Heiser Time protection: The missing OS abstraction EuroSys Conference, Dresden, Germany, March, 2019 Best Paper Award
		Gernot Heiser Security needs a new hardware-software contract Keynote at HiPEAC Workshop Secure Hardware, Architectures, and Operating Systems (SeHAS), January, 2019

2018

		Qian Ge, Yuval Yarom and Gernot Heiser No security without time protection: we need a new hardware-software contract Asia-Pacific Workshop on Systems (APSys), Korea, August, 2018 Best Paper Award Complete timing-channel data for evaluated x86 and Arm platforms.
		Qian Ge, Yuval Yarom, David Cock and Gernot Heiser A survey of microarchitectural timing attacks and countermeasures on contemporary hardware Journal of Cryptographic Engineering, Volume 8, Issue 1, pp. 1-27, April, 2018
		Gernot Heiser For safety's sake: we need a new hardware-software contract! IEEE Design and Test, Volume 35, Issue 2, pp. 27-30, March, 2018

2017

Qian Ge, Yuval Yarom, Frank Li and Gernot Heiser Your processor leaks information — and there's nothing you can do about it arXiv preprint, 2017

2016

Fangfei Liu, Qian Ge, Yuval Yarom, Frank Mckeen, Carlos Rozas, Gernot Heiser and Ruby B Lee CATalyst: defeating last-level cache side channel attacks in cloud computing IEEE Symposium on High-Performance Computer Architecture, pp. 406–418, Barcelona, Spain, March, 2016

2015

		Yuval Yarom, Qian Ge, Fangfei Liu, Ruby B. Lee and Gernot Heiser Mapping the Intel last-level cache The Cryptology ePrint Archive, September, 2015
		Fangfei Liu, Yuval Yarom, Qian Ge, Gernot Heiser and Ruby B Lee Last-level cache side-channel attacks are practical IEEE Symposium on Security and Privacy, pp. 605–622, San Jose, CA, US, May, 2015

2014

		David Cock, Qian Ge, Toby Murray and Gernot Heiser The last mile: An empirical study of some timing channels on seL4 ACM Conference on Computer and Communications Security, pp. 570–581, Scottsdale, AZ, USA, November, 2014
		David Cock Leakage in trustworthy systems PhD Thesis, UNSW, Sydney, Australia, August, 2014