Modeling a Cache Coherence Protocol with the Guarded Action Language

We present a formal model built for verification of the hardware Tera-Scale ARchitecture (TSAR), focusing on its Distributed Hybrid Cache Coherence Protocol (DHCCP). This protocol is by nature asynchronous, concurrent and distributed, which makes classical validation of the design (e.g. through testing) difficult. We therefore applied formal methods to prove essential properties of the protocol, such as absence of deadlocks, eventual consensus, and fairness.Comment: In Proceedings MARS/VPT 2018, arXiv:1803.0866

VerifMSI: Practical Verification of Hardware and Software Masking Schemes Implementations

Side-Channel Attacks are powerful attacks which can recover secret information in a cryptographic device by analysing physical quantities such as power consumption. Masking is a common countermeasure to these attacks which can be applied in software and hardware, and consists in splitting the secrets in several parts. Masking schemes and their implementations are often not trivial, and require the use of automated tools to check for their correctness. In this work, we propose a new practical tool named VerifMSI which extends an existing verification tool called LeakageVerif targeting software schemes. Compared to LeakageVerif, VerifMSI includes hardware constructs, namely gates and registers, what allows to take glitch propagation into account. Moreover, it includes a new representation of the inputs, making it possible to verify three existing security properties (Non-Interference, Strong Non-Interference, Probe Isolating Non-Interference) as well as a newly defined one called Relaxed Non-Interference, compared to the unique Threshold Probing Security verified in LeakageVerif. Finally, optimisations have been integrated in VerifMSI in order to speed up the verification. We evaluate VerifMSI on a set of 9 benchmarks from the literature, focusing on the hardware descriptions, and show that it performs well both in terms of accuracy and scalability

Armistice: Micro-Architectural Leakage Modelling for Masked Software Formal Verification

Side channel attacks are powerful attacks for retrieving secret data by exploiting physical measurements such as power consumption or electromagnetic emissions. Masking is a popular countermeasure as it can be proven secure against an attacker model. In practice, software masked implementations suffer from a security reduction due to a mismatch between the considered leakage sources in the security proof and the real ones, which depend on the micro-architecture. We present the model of a system comprising an Arm Cortex-M3 obtained from its RTL description and test-vectors, as well as a model of the memory of a STM32F1 board, built exclusively using test-vectors. Based on these models, we propose Armistice, a framework for formally verifying the absence of leakage in first-order masked implementations taking into account the modelled micro-architectural sources of leakage. We show that Armistice enables to pinpoint vulnerable instructions in real world masked implementations and helps design masked software implementations which are practically secure

Transiting exoplanets from the CoRoT space mission VIII. CoRoT-7b: the first Super-Earth with measured radius

We report the discovery of very shallow (DF/F = 3.4 10-4), periodic dips in the light curve of an active V = 11.7 G9V star observed by the CoRoT satellite, which we interpret as due to the presence of a transiting companion. We describe the 3-colour CoRoT data and complementary ground-based observations that support the planetary nature of the companion. Methods. We use CoRoT color information, good angular resolution ground-based photometric observations in- and out- of transit, adaptive optics imaging, near-infrared spectroscopy and preliminary results from Radial Velocity measurements, to test the diluted eclipsing binary scenarios. The parameters of the host star are derived from optical spectra, which were then combined with the CoRoT light curve to derive parameters of the companion. We examine carefully all conceivable cases of false positives, and all tests performed support the planetary hypothesis. Blends with separation larger than 0.40 arcsec or triple systems are almost excluded with a 8 10-4 risk left. We conclude that, as far as we have been exhaustive, we have discovered a planetary companion, named CoRoT-7b, for which we derive a period of 0.853 59 +/- 3 10-5 day and a radius of Rp = 1.68 +/- 0.09 REarth. Analysis of preliminary radial velocity data yields an upper limit of 21 MEarth for the companion mass, supporting the finding. CoRoT-7b is very likely the first Super-Earth with a measured radius.Comment: Accepted in Astronomy and Astrophysics; typos and language corrections; version sent to the printer w few upgrade

Transiting exoplanets from the CoRoT space mission. VIII. CoRoT-7b: the first super-Earth with measured radius

Copyright © The European Southern Observatory (ESO)Aims. We report the discovery of very shallow (ΔF/F ≈ 3.4×10−4), periodic dips in the light curve of an active V = 11.7 G9V star observed by the CoRoT satellite, which we interpret as caused by a transiting companion. We describe the 3-colour CoRoT data and complementary ground-based observations that support the planetary nature of the companion. Methods. We used CoRoT colours information, good angular resolution ground-based photometric observations in- and out- of transit, adaptive optics imaging, near-infrared spectroscopy, and preliminary results from radial velocity measurements, to test the diluted eclipsing binary scenarios. The parameters of the host star were derived from optical spectra, which were then combined with the CoRoT light curve to derive parameters of the companion. Results. We examined all conceivable cases of false positives carefully, and all the tests support the planetary hypothesis. Blends with separation >0.40'' or triple systems are almost excluded with a 8 × 10−4 risk left. We conclude that, inasmuch we have been exhaustive, we have discovered a planetary companion, named CoRoT-7b, for which we derive a period of 0.853 59 ± 3 × 10−5 day and a radius of Rp = 1.68 ± 0.09 REarth. Analysis of preliminary radial velocity data yields an upper limit of 21 MEarth for the companion mass, supporting the finding. Conclusions. CoRoT-7b is very likely the first Super-Earth with a measured radius. This object illustrates what will probably become a common situation with missions such as Kepler, namely the need to establish the planetary origin of transits in the absence of a firm radial velocity detection and mass measurement. The composition of CoRoT-7b remains loosely constrained without a precise mass. A very high surface temperature on its irradiated face, ≈1800–2600 K at the substellar point, and a very low one, ≈50 K, on its dark face assuming no atmosphere, have been derived

Large expert-curated database for benchmarking document similarity detection in biomedical literature search

Document recommendation systems for locating relevant literature have mostly relied on methods developed a decade ago. This is largely due to the lack of a large offline gold-standard benchmark of relevant documents that cover a variety of research fields such that newly developed literature search techniques can be compared, improved and translated into practice. To overcome this bottleneck, we have established the RElevant LIterature SearcH consortium consisting of more than 1500 scientists from 84 countries, who have collectively annotated the relevance of over 180 000 PubMed-listed articles with regard to their respective seed (input) article/s. The majority of annotations were contributed by highly experienced, original authors of the seed articles. The collected data cover 76% of all unique PubMed Medical Subject Headings descriptors. No systematic biases were observed across different experience levels, research fields or time spent on annotations. More importantly, annotations of the same document pairs contributed by different scientists were highly concordant. We further show that the three representative baseline methods used to generate recommended articles for evaluation (Okapi Best Matching 25, Term Frequency-Inverse Document Frequency and PubMed Related Articles) had similar overall performances. Additionally, we found that these methods each tend to produce distinct collections of recommended articles, suggesting that a hybrid method may be required to completely capture all relevant articles. The established database server located at https://relishdb.ict.griffith.edu.au is freely available for the downloading of annotation data and the blind testing of new methods. We expect that this benchmark will be useful for stimulating the development of new powerful techniques for title and title/abstract-based search engines for relevant articles in biomedical research.Peer reviewe

Étude de deux solutions pour le support matériel de la programmation parallèle dans les multiprocesseurs intégrés : vol de travail et mémoires transactionnelles

The arrival of multiprocessor chips rises again some questions about the way of writing programs, which must then include a high degree of parallelism. We tackle this problem via two orthogonal approaches. First, via the work-stealing paradigm, for which we perform a study targeting on the first hand to seek for simple architectural characteristics giving the best performances for an implementation of this paradigm; and on the second hand to show that the overhead compared to a static parallelization is low, while allowing performances improvement thanks to dynamic load balancing. This question is nevertheless especially tackled via the transaction based programming paradigm -- sequence of instructions executing atomically from the other cores' point of view. Supporting this abstraction requires the implementation of a system called TM, often complex, either software or hardware. The study focuses first on the comparison between two hardware TM systems based on different architecture choices (cache coherence protocol), and then on the impact on performances of several conflict resolution policies, in other words the actions to be taken when two or more transactions try to access the same pieces of data.L'avènement des puces multicoeurs repose certaines questions quant aux moyens d'écrire les programmes, qui doivent alors intégrer un degré élevé de parallélisme. Nous abordons cette question par l'intermédiaire de deux points de vue orthogonaux. Premièrement via le paradigme du vol de travail, pour lequel nous effectuons une étude visant d'une part à rechercher quelles sont les caractéristiques architecturales simples donnant les meilleures performances pour une implémentation de ce paradigme ; et d'autre part à montrer que le surcout par rapport à une parallélisation statique est faible tout en permettant des gains en performances grâce à l'équilibrage dynamique des charges. Cette question est néanmoins surtout abordée via le paradigme de programmation à base de transactions -- ensemble d'instructions s'exécutant de manière atomique du point de vue des autres coeurs. Supporter cette abstraction nécessite l'implantation d'un système dit TM, souvent complexe, pouvant être logiciel ou matériel. L'étude porte premièrement sur la comparaison de systèmes TM matériels basés sur des choix architecturaux différents (protocole de cohérence de cache), puis sur l'impact d'un point de vue performances de plusieurs politiques de résolution des conflits, autrement dit des actions à prendre quand deux transactions essaient d'accéder simultanément les mêmes données

LightTM : Une Mémoire Transactionnelle conçue pour les MPSoCs

International audienceLes Mémoires Transactionnelles (TM), et en particulier les Mémoires Transactionnelles Matérielles (HTM) sont un concept attractif de programmation car elles simplifient l'écriture de programmes parallèles en délaissant les problèmes de synchronisation entre threads au système mémoire sous-jacent. Il y a récemment eu beaucoup de travaux en relation avec l'implentation de tels systèmes sur des puces multiprocesseurs (CMP). Cependant, l'implantation d'une HTM sur un SoC limite le matériel disponible : en particulier, la gestion de transactions de taille arbitrairement grande est souvent complexe, et résoudre ce problème avec peu de support matériel présente un intérêt. Nous proposons donc pour cela l'implémentation d'un système TM avec un support hardware limité conçu pour les MPSoCs, qui résout simplement le problème de débordement du cache en autorisant seulement un débordement à la fois, approche récemment proposée. Néanmoins, nos politiques de détection et de résolution des conflits sont nouvelles par rapport à l'existant. Nous comparons les performances d'exécution de trois implantations d'un sous-ensemble des benchmarks SPLASH-2 : deux avec des locks et une avec des transactions. Les résultats montrent qu'avec ce support matériel limité, les MPSoCs peuvent tirer parti du modèle de programmation TM tout en ayant des performances similaires aux programmes basés sur des locks

Lightweight Transactional Memory Systems for Large Scale Shared Memory MPSoCs

ISBN 978-1-4244-4574-5International audienceThe evolution of the consumer electronic devices leads to a consolidation of the architectures towards fairly homogeneous multiprocessor platforms. As these highly programmable architectures execute explicitly parallel programs, and until automatic parallel compilers exist, the software programmer has to expose thread (i.e. coarse grain) level parallelism to use these resources. Thread is currently a well accepted programming paradigm which relies on locks, provided by some means by the hardware, to ensure atomicity of accesses. Unfortunately, programs written with locks are hard to design and debug. A decade ago, the idea of Transactional Memories was introduced to replace locks in order to simplify programming. This paper reviews the hardware issues related to Hardware Transactional Memories and proposes some directions for the design and implementation of such systems