Other Instruction Sets Flashcards
What type of machine was EDSAC?
Accumulator machine
What is a disadvantage of accumulator machines?
Huge memory churn since every instruction reads/writes data from/to memory, because there is no cache or other registers
What was missing from the EDSAC instruction set?
- Subroutines
- Interrupts
- Virtual memory
- Rich I/O
How do accumulator machines work?
The accumulator is the only register, so there is one value in the CPU to manipulate and everything else is in memory
What type of machine was the Cray-1 supercomputer?
Vector machine
How do vector machines work?
Instructions operate on a vector of operands simultaneously
Describe the Cray-1 ISA
Different instructions for arithmetic and register operations
Different vector and address registers
What features was Xerox Alto the first computer to have?
- GUI
- Mouse
- Ethernet
4 Laser printer
What type of ISA is Intel x86?
CISC
What characterises a CISC ISA?
Variable length instructions that are complex to decode, often decoded into micro-operations that are similar to RISC instructions
Many registers are special purpose
What type of ISA is ARM?
RISC
Describe the Java bytecode ISA
Instruction set focused on portability
Has variable length instructions - first byte is opcode, next n bytes of operands
What type of machine is the Java bytecode ISA executed on?
Stack-based machine
Describe a stack-based machine
Operand stack is used instead of registers, values are pushed and popped from the stack
Top of stack is dependency for most instructions, can limit instruction level parallelism
Hidden registers for PC, stack pointer etc.
Describe the HeartBleed bug
SSH protocol - client and server send ‘heartbeat’ messages to confirm they are still alive. Server never checked to see if it was overflowing out of buffer that stores word requested by client, so would send buffer contents and the next x bits in memory, which could contain sensitive information
How could the HeartBleed bug have been prevented?
Use hardware (CHERI processor) to dynamically check bounds and guarantee pointer integrity and provenance
What is the solution to both HeatBleed and reducing the attack surface?
CHERI
Application-level least privilege
What is CHERI?
Processor technology to improve security. Software compartmentalisation decomposes software into isolated compartments that are delegated limited rights. Able to mitigate unknown and as-yet undiscovered vulnerabilities
Which 2 principles does CHERI help to uphold?
- Principle of intentional use
- Principle of least privilege
What is the principle of intentional use? How does CHERI uphold it?
Ensure the software runs the way the programmer intended, not the way the attacker tricked it
Upheld using guaranteed pointer integrity and provenance, efficient dynamic bounds checking (compiler encodes bounds and permissions information)
This automatically mitigates buffer-overflow attacks
What is the principle of least privilege? How does CHERI uphold it?
Reduce the attack surface
Upheld using software compartmentalisation
What is the new type CHERI adds?
The Capability
What is a Capability?
Bounds checked pointer with integrity, held in memory and registers
Draw a diagram of a Capability and how it is stored in virtual memory
.
