The Effect of Input Data on Program Vulnerability

The System Vulnerability Stack is a novel method to compute a system’s vulnerability to transient faults (see Figure 1). The vulnerability stack observes that a system consists of multiple independent layers that interact through well-defined interfaces (e.g., the ISA). Therefore, the vulnerability stack quantifies fault masking within an individual layer by focusing on its interfaces: a fault that does not propagate to a layer’s interfaces will be masked. These layer-level measurements can then be combined to yield a full-system vulnerability measure. The vulnerability stack can have myriad benefits for architects interested in system vulnerability calculation. For instance, the vulnerability stack isolates hardware-level from software-level fault masking effects. This allows softwarebased reliability studies to report program-level fault masking (e.g., Program Vulnerability Factor [1]) instead of systemlevel fault masking (e.g., Architectural Vulnerability Factor [2]). For instance, Jones et al. examine the impact of compiler optimizations on AVF [3]. The authors report that compiler flag -freorder-blocks reduces AVF across a range of benchmarks. However, we do not know whether the optimization affected the benchmarks’ application derating (software vulnerability) or the machine derating (hardware vulnerability) of the system under test [4]. If the latter, the compiler flag may have a different effect on different hardware. In principle, the vulnerability stack can also eliminate much redundant computation currently required for design-time AVF analysis. The PVF of a program can be computed once, and the results used in all further simulations that use this program. Since benchmark programs typically have a useful life of many years, this can lead to a significant reduction in overall simulation time, potentially reducing the time-to-market for new products. Finally, through fault abstraction, the vulnerability stack enables a much broader segment of the computer architecture and software engineering communities to participate in the vulnerability assessment process. Currently, these activities are performed by architects equipped with a microarchitecture simulator. By defining the effects of a fault on the ISA, the vulnerability stack allows a software architect to assess the vulnerability an application without the need for a microarchitecture model. In this work, we first present an introduction to the System Vulnerability Stack. We then examine a limitation of the vulnerability stack: its dependence on input data. Specifically, program vulnerability calculations depend on the inputs to a program, but the extent of this dependence has yet to be determined. For example, the PVF of a program can be measured at compile time, when real inputs are not available. It is important to understand whether these compile-time vulnerability measurements will accurately reflect the behavior of the application when running with real input data. That is the goal of this work.