BasicBlocker: ISA Redesign to Make Spectre-Immune CPUs Faster

Abstract

This paper introduces BasicBlocker, a novel ISA redesign that enables non-speculative CPUs to achieve performance comparable to systems utilizing speculative execution, thereby addressing Spectre-class attacks robustly. BasicBlocker is a generic modification applicable to all common ISAs, countering the prevailing belief that eliminating speculation is unacceptably expensive. The feasibility of this approach is demonstrated through BBRISC-V, a modified RISC-V variant, evaluated across both in-order and out-of-order processor architectures.

Report

Key Highlights

  • Security Goal: Eliminate speculative execution entirely to achieve provable immunity against microarchitectural attacks, such as Spectre.
  • Core Innovation: BasicBlocker, a generic Instruction Set Architecture (ISA) modification that works across common ISAs.
  • Performance Recovery: BasicBlocker allows non-speculative CPUs to regain the majority of the performance benefits typically associated with speculative execution.
  • Demonstration: The concept was implemented as BBRISC-V, a specific variant of the RISC-V ISA.
  • Evaluation Scope: The system was thoroughly evaluated on both a 5-stage in-order soft core and a superscalar out-of-order processor, using associated compiler tools and benchmark programs.

Technical Details

  • Methodology: BasicBlocker changes the ISA definition itself rather than relying on compiler updates, firmware patches, or minor hardware tweaks, which have often proven insufficient against speculative attacks.
  • BBRISC-V: This is the specific implementation defined by the authors to demonstrate BasicBlocker's integration with an existing, modern ISA (RISC-V).
  • Components Required: Implementing BasicBlocker necessitates both hardware updates (for the new ISA) and corresponding compiler updates to leverage the new instruction set structure.
  • Alternative to Cost: The premise of the work refutes prior cost analyses that dismissed non-speculative designs, arguing those analyses were flawed because they only considered software written for existing, speculation-optimized ISAs.

Implications

  • Stronger Security Baseline: BasicBlocker offers a path toward truly secure hardware design by eliminating the underlying vulnerability (speculative execution) at the architectural level, rather than relying on imperfect runtime mitigation.
  • RISC-V Ecosystem Advancement: The choice of RISC-V for the BBRISC-V implementation highlights the agility of open ISAs in integrating fundamental architectural security features, potentially positioning RISC-V as a leader in future secure CPU designs.
  • Challenging Performance Tradeoffs: This research directly challenges the conventional wisdom that maximum security necessitates significant performance degradation, potentially paving the way for high-performance, non-speculative processors.
  • Future ISA Design: BasicBlocker provides a blueprint for how future ISAs, particularly those targeting security-critical applications, can be designed from inception to avoid microarchitectural side-channel vulnerabilities while maintaining competitive performance.