Trustworthy Systems

No security without time protection: we need a new hardware-software contract


Qian Ge, Yuval Yarom and Gernot Heiser


UNSW Sydney

The University of Adelaide

Best Paper Award Complete timing-channel data for evaluated x86 and Arm platforms.


The recent Spectre exploits demonstrated that covert timing channels are a mainstream security threat. Their prevention requires that operating systems provide time protection, in addition to the established memory protection. We propose OS mechanisms and designs which provide time protection, and define requirements on the hardware to enable them. We demonstrate that present mainstream processors do not meet these requirements, making them inherently insecure. We argue the need for a new security-oriented hardware-software contract, which we call the aISA as it augments the ISA, in order to enable time protection.

BibTeX Entry

    address          = {Korea},
    author           = {Ge, Qian and Yarom, Yuval and Heiser, Gernot},
    booktitle        = {Asia-Pacific Workshop on Systems (APSys)},
    date             = {2018-8-27},
    doi              = {10.1145/3265723.3265724},
    month            = aug,
    numpages         = {9},
    paperurl         = {},
    publisher        = {ACM},
    title            = {No Security Without Time Protection: We Need a New Hardware-Software Contract},
    year             = {2018}