Originally published on ArXiv - Hardware Architecture

Computer Science > Cryptography and Security

arXiv:2202.03749v3 (cs)

[Submitted on 8 Feb 2022 (v1), last revised 5 Jul 2022 (this version, v3)]

Title:CVA6's Data cache: Structure and Behavior

Authors:Valentin Martinoli, Yannick Teglia, Abdellah Bouagoun, Régis Leveugle

View a PDF of the paper titled CVA6's Data cache: Structure and Behavior, by Valentin Martinoli and 3 other authors

View PDF

Abstract:Since Spectre and Meltdown's disclosure in 2018, a new category of attacks has been identified and characterized by the scientific community. The Foreshadow attack, which was the first one to target Intel's secure enclave technology (namely SGX) has been developed shortly after. It opened the way to micro architectural attacks on Intel's architecture, and led to the quick development of micro architectural attacks until today. While Spectre and Meltdown are often considered as the first micro architectural attacks, one can argue that cache attacks, as introduced by Osvik et al. in 2006, can be seen as the first types of micro architectural attacks that were developed. Now, even though there are many variants, they are still the most prominent type of micro architectural attacks. One example of cache micro architectural covert-channel is the Prime+Probe. Lately targeting the Intel architecture, the micro architectural attacks are now challenging a wider variety of CPUs. Recently, CPUs running the RISC-V Instruction Set Architecture have been targeted. One famous and widely used RISC-V CPU is the ETH Zurich's CVA6 (formerly Ariane) core. CVA6 is a 6-stage, single issue, in-order CPU. To the best of our knowledge, there is no existing document presenting very detailed aspects of the CVA6's micro architecture, especially with respect to the data cache. Such information is mandatory to deeply understand any architectural or micro architectural study successfully, such as the replication of the Prime+Probe attack on the CVA6 CPU proposed by Nils Wistoff. This paper presents the implementation of the Data cache in the CVA6 CPU from OpenHW Group by focusing on its memory structure and explaining through several examples what happens when a request for memory allocation occurs.

Comments:

Subjects:

Cryptography and Security (cs.CR); Hardware Architecture (cs.AR)

Cite as:

arXiv:2202.03749 [cs.CR]

(or arXiv:2202.03749v3 [cs.CR] for this version)

https://doi.org/10.48550/arXiv.2202.03749

Focus to learn more

arXiv-issued DOI via DataCite

Submission history

From: Valentin Martinoli [view email]
[v1] Tue, 8 Feb 2022 09:39:31 UTC (1,737 KB)
[v2] Tue, 1 Mar 2022 15:47:02 UTC (1,732 KB)
[v3] Tue, 5 Jul 2022 13:46:54 UTC (1,734 KB)

Full-text links:

Access Paper:

View a PDF of the paper titled CVA6's Data cache: Structure and Behavior, by Valentin Martinoli and 3 other authors

• View PDF

view license

Current browse context:

cs.CR

< prev   |   next >

new | recent | 2022-02

Change to browse by:

cs
cs.AR

References & Citations

• NASA ADS
• Google Scholar
• Semantic Scholar

DBLP - CS Bibliography

listing | bibtex

export BibTeX citation Loading…

BibTeX formatted citation

×

loading…

Data provided by:

Bookmark

[

](http://www.bibsonomy.org/BibtexHandler?requTask=upload&url=https://arxiv.org/abs/2202.03749&description=CVA6's Data cache: Structure and Behavior "Bookmark on BibSonomy")[

](https://reddit.com/submit?url=https://arxiv.org/abs/2202.03749&title=CVA6's Data cache: Structure and Behavior "Bookmark on Reddit")

Bibliographic Tools

Bibliographic and Citation Tools

Bibliographic Explorer Toggle

Bibliographic Explorer (What is the Explorer?)

Connected Papers Toggle

Connected Papers (What is Connected Papers?)

Litmaps Toggle

Litmaps (What is Litmaps?)

scite.ai Toggle

scite Smart Citations (What are Smart Citations?)

Code, Data, Media

Code, Data and Media Associated with this Article

alphaXiv Toggle

alphaXiv (What is alphaXiv?)

Links to Code Toggle

CatalyzeX Code Finder for Papers (What is CatalyzeX?)

DagsHub Toggle

DagsHub (What is DagsHub?)

GotitPub Toggle

Gotit.pub (What is GotitPub?)

Huggingface Toggle

Hugging Face (What is Huggingface?)

Links to Code Toggle

Papers with Code (What is Papers with Code?)

ScienceCast Toggle

ScienceCast (What is ScienceCast?)

Demos

Demos

Replicate Toggle

Replicate (What is Replicate?)

Spaces Toggle

Hugging Face Spaces (What is Spaces?)

Spaces Toggle

TXYZ.AI (What is TXYZ.AI?)

Related Papers

Recommenders and Search Tools

Link to Influence Flower

Influence Flower (What are Influence Flowers?)

Core recommender toggle

CORE Recommender (What is CORE?)

• Author
• Venue
• Institution
• TopicAbout arXivLabs

arXivLabs: experimental projects with community collaborators

arXivLabs is a framework that allows collaborators to develop and share new arXiv features directly on our website.

Both individuals and organizations that work with arXivLabs have embraced and accepted our values of openness, community, excellence, and user data privacy. arXiv is committed to these values and only works with partners that adhere to them.

Have an idea for a project that will add value for arXiv's community? Learn more about arXivLabs.

Which authors of this paper are endorsers? | Disable MathJax (What is MathJax?)

AI Analysis

Key Highlights

• Security Context: The research is situated within the field of microarchitectural attacks, stemming from disclosures like Spectre and Meltdown, emphasizing the continued relevance of cache attacks (e.g., Prime+Probe).
• RISC-V Targeting: Microarchitectural attacks are increasingly moving beyond Intel architectures to challenge RISC-V CPUs, specifically targeting the popular OpenHW Group's CVA6 (formerly Ariane) core.
• Documentation Gap: The core contribution is filling a significant gap in knowledge by presenting detailed, previously unavailable information on the CVA6 data cache structure and behavior.
• Enabling Research: This detailed information is deemed mandatory for researchers attempting to replicate microarchitectural studies, such as the Prime+Probe attack, on the CVA6 CPU.

Technical Details

• Target CPU: CVA6 (formerly Ariane), developed by ETH Zurich and maintained by the OpenHW Group.
• Core Specification: CVA6 is described as a 6-stage, single-issue, in-order CPU.
• Focus Area: Detailed microarchitectural presentation of the Data cache implementation.
• Methodology: The paper focuses on the cache's internal memory structure and uses several examples to explain the processes involved when a memory allocation request is handled.

Implications

• Enhanced RISC-V Security Research: By providing granular details of the cache implementation, this paper acts as a foundational resource, enabling sophisticated security analysis and the development of effective hardware mitigations against side-channel and microarchitectural attacks on the CVA6 core.
• Ecosystem Maturity: The necessity of documenting these low-level details confirms that RISC-V cores like CVA6 are maturing into significant targets, requiring the same deep security introspection previously reserved for commercial x86 architectures.
• Transparency for Open Hardware: This documentation improves transparency for one of the most prominent open-source RISC-V implementations, benefiting both academic researchers and commercial adopters of the OpenHW Group’s IP.