DOCSLIB.ORG

Moat: Verifying Confidentiality of Enclave Programs

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Moat: Verifying Confidentiality of Enclave Programs Moat: Verifying Confidentiality of Enclave Programs Rohit Sinha Sriram Rajamani UC Berkeley Microsoft Research [email protected] [email protected] Sanjit A. Seshia Kapil Vaswani UC Berkeley Microsoft Research [email protected] [email protected] ABSTRACT 1. INTRODUCTION Security-critical applications constantly face threats from Building applications that do not leak secrets, i.e., pro- exploits in lower computing layers such as the operating vide confidentiality guarantees, is a non-trivial task. There system, virtual machine monitors, or even attacks from ma- are at least three kinds of attacks a developer must guard licious administrators. To help protect application secrets against. The first kind of attack, which we call protocol at- from such attacks, there is increasing interest in hardware tack, is relevant for distributed applications involving client implementations of primitives for trusted computing, such nodes and cloud-based services, and can arise from vulnera- as Intel's Software Guard Extensions (SGX) instructions. bilities in the cryptographic protocol used to establish trust These primitives enable hardware protection of memory re- between various distributed components. Examples of pro- gions containing code and data, and provide a root of trust tocol attacks include man-in-the-middle or replay attacks. for measurement, remote attestation, and cryptographic seal- The second kind of attack, which we call application attack, ing. However, vulnerabilities in the application itself, such is due to errors or vulnerabilities in the application code it- as the incorrect use of SGX instructions or memory safety self which can be exploited to leak confidential information errors, can be exploited to divulge secrets. In this paper, we from the application (e.g., the Heartbleed bug [18]). The introduce a new approach to formally model these primitives third kind of attack, which we call infrastructure attack, is and formally verify properties of so-called enclave programs due to exploits in the software stack (e.g. operating system that use them. More specifically, we create formal models (OS), hypervisor) that the application relies upon, where of relevant aspects of SGX, develop several adversary mod- the privileged malware has full control of the CPU, mem- els, and present a sound verification methodology (based on ory, I/O devices, etc. Infrastructure attacks can result in an automated theorem proving and information flow analysis) attacker gaining control of any application's memory and for proving that an enclave program running on SGX does reading secrets at will. not contain a vulnerability that causes it to reveal secrets Several mitigation strategies have been proposed for each to the adversary. We introduce Moat, a tool which formally of these kinds of attacks. In order to guard against proto- verifies confidentiality properties of applications running on col attacks, we can use protocol verifiers (e.g., ProVerif [11], SGX. We evaluate Moat on several applications, including a CryptoVerif [12]) to check for protocol errors. In order to one time password scheme, off-the-record messaging, notary guard against application attacks, the application can be service, and secure query processing. developed in a memory-safe language with information flow control, such as Jif [28]. Infrastructure attacks are the hard- Categories and Subject Descriptors est to protect against, since the attack can happen even if the application is error free (i.e., without application vulner- D.4.6 [Operating Systems]: Security and Protection | abilities or protocol vulnerabilities). While some efforts are Information flow controls, Verification; D.2.4 [Software En- under way to build a fully verified software stack ground-up gineering]: Software/Program Verification | Formal meth- (e.g. [21, 25]), this approach is unlikely to scale to real-world ods, Model checking OS and system software. An alternative approach to guarding against infrastruc- Keywords ture attack is by hardware features that enable a user-level application to be protected from privileged malware. For Enclave Programs; Secure Computation; Confidentiality; For- instance, Intel SGX [23, 24] is an extension to the x86 in- mal Verification struction set architecture, which provides any application Permission to make digital or hard copies of all or part of this work for personal or the ability to create protected execution contexts called en- classroom use is granted without fee provided that copies are not made or distributed claves containing code and data. SGX features include 1) for profit or commercial advantage and that copies bear this notice and the full citation hardware-assisted isolation from privileged malware for en- on the first page. Copyrights for components of this work owned by others than the clave code and data, 2) measurement and attestation prim- author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or itives for detecting attacks on the enclave during creation, republish, to post on servers or to redistribute to lists, requires prior specific permission and 3) sealing primitives for storing secrets onto untrusted and/or a fee. Request permissions from [email protected]. CCS’15, October 12–16, 2015, Denver, Colorado, USA. persistent storage. Using these extensions it is possible to Copyright is held by the owner/author(s). Publication rights licensed to ACM. write applications with a small trusted computing base, which ACM 978-1-4503-3832-5/15/10 ...$15.00. includes only the enclave code and the SGX processor. All DOI: http://dx.doi.org/10.1145/2810103.2813608 . other layers in the software stack including the operating malware attacks. Furthermore, extending traditional type system and the hypervisor can be excluded from the trusted systems to enclave programs is non-trivial because the anal- computing base. However, establishing such a guarantee ysis must faithfully model the semantics of SGX instruc- requires precise understanding of the contract between the tions and infer information flows to individual addresses hardware and software. In particular, it requires specify- within enclave memory. Therefore, we develop a static ver- ing a formal API-level semantics of SGX instructions, an ifier called Moat that analyzes the instruction-level behav- adversary model, and a verification methodology (with tool ior of the enclave binary program. Moat employs a flow- support) to detect insecure use of SGX instructions. Our and path-sensitive type checking algorithm (based on auto- work addresses each of these aspects, as we describe below. mated theorem proving using satisfiability modulo theories solving [8]) for automatically verifying whether an enclave Semantics of SGX instructions. SGX provides instruc- program (in the presence of an active adversary) provides tions which enable applications to create enclaves, transfer confidentiality guarantees. For ill-typed programs, Moat re- control to and from enclaves, perform remote attestation, turns an exploit demonstrating a potential leak of secret to and seal and unseal secrets so that they can persist on the non-enclave memory. By analyzing the binary, we remove platform. We give a formal semantic model of the interface the compiler from our trusted computing base, and relax between the programmer and the implementation of SGX, several memory safety assumptions that are common in tra- with an eye towards automatic formal verification of the en- ditional information flow type systems. clave code's security. Our approach is similar in spirit to Although we do not focus on protocol attacks in this previous work on finding API-level exploits [20] using the paper, we briefly describe how one can compose protocol- UCLID modeling and verification system [15]. level analysis (performed by a verifier such as ProVerif [11]) Adversary model. We consider a powerful adversary who with Moat to achieve end-to-end confidentiality guarantees can compromise the infrastructure code (OS, hypervisor, against infrastructure, application, and protocol attacks. etc.) and perform both passive and active attacks by access- ing any non-enclave memory (i.e. memory not protected by In summary, the goal of this paper is to explore the con- SGX), modifying page tables, generating interrupts, control- tract between the SGX hardware and the enclave developer ling I/O interaction, etc. It is non-trivial to reason about and provide a methodology and tool support for the pro- enclave behaviors (and potential vulnerabilities) in the pres- grammer to write secure enclaves. We make the following ence of such an adversary. As a first step, using our formal specific contributions: ISA-level semantics of the SGX instructions, we prove that • We develop the first semantic API model of the SGX plat- (if the application follows certain guidelines during enclave form and its new instruction set, working from publicly- creation) any combination of the above adversarial actions available documentation [24]. can be simply modeled as an arbitrary update of non-enclave memory. This simplifies our reasoning of enclave execution • We formally study active and passive adversaries for SGX in the presence of privileged adversaries. In particular, we enclaves, and show that a havocing adversary who observes show that a so-called havocing adversary who symbolically and havocs non-enclave memory after every instruction in modifies all of the non-enclave memory after every instruc- the enclave is both powerful enough to model all such ad- tion of the
Load more

Recommended publications
  • Wind River Vxworks Platforms 3.8
    Wind River VxWorks Platforms 3.8 The market for secure, intelligent, Table of Contents Build System ................................ 24 connected devices is constantly expand- Command-Line Project Platforms Available in ing. Embedded devices are becoming and Build System .......................... 24 VxWorks Edition .................................2 more complex to meet market demands. Workbench Debugger .................. 24 New in VxWorks Platforms 3.8 ............2 Internet connectivity allows new levels of VxWorks Simulator ....................... 24 remote management but also calls for VxWorks Platforms Features ...............3 Workbench VxWorks Source increased levels of security. VxWorks Real-Time Operating Build Configuration ...................... 25 System ...........................................3 More powerful processors are being VxWorks 6.x Kernel Compatibility .............................3 considered to drive intelligence and Configurator ................................. 25 higher functionality into devices. Because State-of-the-Art Memory Host Shell ..................................... 25 Protection ..................................3 real-time and performance requirements Kernel Shell .................................. 25 are nonnegotiable, manufacturers are VxBus Framework ......................4 Run-Time Analysis Tools ............... 26 cautious about incorporating new Core Dump File Generation technologies into proven systems. To and Analysis ...............................4 System Viewer ........................
    [Show full text]
  • Intel® Atom™ Processor E6x5c Series-Based Platform for Embedded Computing
    PlAtfOrm brief Intel® Atom™ Processor E6x5C Series Embedded Computing Intel® Atom™ Processor E6x5C Series-Based Platform for Embedded Computing Platform Overview Available with industrial and commercial The Intel® Atom™ processor E6x5C series temperature ranges, this processor series delivers, in a single package, the benefits of provides embedded lifecycle support and the Intel® Atom™ processor E6xx combined is supported by the broad Intel® archi- with a Field-Programmable Gate Array tecture ecosystem as well as standard (FPGA) from Altera. This series offers Altera development tools. Additionally, a exceptional flexibility to incorporate a compatible, dedicated Power Management wide range of standard and user-defined Integrated Circuit (PMIC) solution may be I/O interfaces, high-speed connectivity, obtained from leading PMIC suppliers to memory interfaces, and process accelera- help minimize platform part count and tion to meet the requirements of a variety reduce bill of material costs and design of embedded applications in industrial, medi- complexity. Options include separate PMIC cal, communication, vision systems, voice and clock generator chips (available from over Internet protocol (VoIP), military, high- ROHM Co., Ltd.) or a single-chip solution performance programmable logic control- that integrates the voltage regulator and lers (PLCs) and embedded computers. clock generator (available from Dialog Semiconductor). The Intel Atom processor E6x5C series is a multi-chip, single-package device that Product Highlights reduces board footprint, lowers compo- • Single-package: A compact 37.5 x nent count, and simplifies inventory 37.5 mm, 0.8 mm ball pitch, multi-chip control and manufacturing. This compact device internally connects the Intel Atom design offers single-vendor support while processor E6xx with a user-programma- providing Intel Atom processors for ble FPGA.
    [Show full text]
  • Intel Atom® Processor C2000 Product Family for Microservers
    Intel® Atom™ Processor C2000 Product Family for Microservers PRODUCT BRIEF Maximize Efficiency for Your Lightweight Scale-Out Workloads Extreme Density and Energy-Efficiency for Low-End, Scale-Out Workloads With a need to rapidly deliver new services, cope with massive data growth, and contain costs, cloud service providers and hosters seek increasingly efficient ways to handle the demands on their infrastructure. Today’s servers based on Intel® Xeon® processors provide leadership performance and performance per watt with the flexibility to handle a wide range of workloads and peak demands. 2nd generation 64-bit However, certain lightweight, scale-out workloads—such as basic dedicated hosting, low-end static Intel® Atom™ Processor web serving, and simple content delivery can sometimes be hosted more efficiently on larger C2000 Product Family numbers of smaller servers built for extreme power efficiency. for microservers To address this need, Intel worked with a broad giving you the flexibility to right-size your infra- • Up to 7x higher7 perfor- ecosystem of leading server manufacturers to structure without limiting software mobility and mance, up to 6x better8 develop and deliver a variety of extreme low-power interoperability as your applications evolve. systems to support an emerging server category— performance/watt Optimized Platform Support microservers. With up to a 1,000 nodes1 per Intel provides complete microserver platform 9 rack and shared power, cooling, and networking • 6-20 watt TDP solutions that simplify implementation, improve resources, microservers can help you improve data overall efficiency and enable higher node density. • Up to 1000+ server center efficiency by right-sizing infrastructure for New innovations include: 10 relatively light processing requirements.
    [Show full text]
  • Debuggers, Programmers and Erasers Products May Be Rohs Compliant
    Debuggers, Programmers and Erasers Products may be RoHS compliant. Check mouser.com for RoHS status. USB2Wiggler Features: DEVELOPMENT PROGRAMMERS • Universal Serial Bus interface for JTAG and BDM debugging TopMaxII Programmer • Faster than the classic parallel port Wiggler • Fully compatible with all Macraigor Systems software Features: • Operates up to Hi-Speed USB rates (480Mb/s) • High speed device programmer and TTL/LOGIC/DRAM tester • One side interfaces to USB port of host IBM compatible PC, other • PC driven: USB 2.0 interface side connects to OCD (On-Chip Debug) port of target system • Device libraries > 18000 • Port may be JTAG, E-JTAG, OnCE, COP, BDM, or any of several • Standard 48-pin DIL ZIF socket other types of connections • Supported devices: EPROM, EEPROM, FLASH (NOR/NAND) Programmers memory, PLD, FPGA, Serial PROM, Parallel PROM, CMOS USB2Demon Features: PROM, PIC and microcontrollers • Interfaces to USB 1.1 or USB 2.0 port of host PC on one side, other • B/P/V takes 65 sec. for 64Mbit flash memory • External start key for auto programming mode side connects to OCD (On-Chip Debug) port on target system • All socket adapters are available in stock (USA): PLCC, SOP, • Win 95/98/NT/2000/XP/Vista/Windows 7 • Simultaneously debugs up to 255 devices on a single scan chain SOIC, QFP, TSOP, SON, BGA, TSSOP, and TSOPII • Approved by CE • Supports configurable JTAG/BDM clock rates up to 20MHz • Supported low-voltages: 1.8/2.0/2.7/3.0/3.3/5.0 volt • Made in USA • Compatible with Windows and Linux hosts • Built-in AC (110-240) power supply • Free software update for lifetime • Supported versions of Linux: Red Hat 7.2-9 and Fedora Core 2 For quantities greater than listed, call for quote.
    [Show full text]
  • Intel Atom® Processor C3000 Series for Embedded and Iot Applications: Product Brief
    Product brief Internet of Things Intel Atom® Processor C3000 Series Expanding Intelligence and Flexibility at the Edge Scalable, dense-compute SoC for demanding IoT workloads From the factory foor to the energy grid, airplanes to supply chains, the sensors, controls, gateways, and other connected devices of Internet of Things (IoT) are driving the next industrial revolution. As IoT continues its explosive growth, the need for intelligent devices for more specialized applications is also growing exponentially. Industrial, energy, aerospace, robotics, public sector, and other customers with demanding IoT workloads want new ways to easily extract value from their data, reduce their time to market, and innovate connected technologies quickly and efciently. Moreover, they increasingly require reliable IoT solutions that bring maximum performance and greater capabilities to an ever-expanding array of challenging locations and operating conditions. The Intel Atom® processor C3000 series extends low-power Intel® architecture into new segments and accelerates IoT innovation across a wide range of demanding environments and use cases. With high performance per watt, low thermal design power (TDP) of 9.5W, and up to 20 confgurable high-speed input/output (HSIO) lanes, and pin-to-pin compatibility, this new system-on-a-chip (SoC) family delivers next-generation, multicore performance and scalability for a broad variety of low-power, high-density, and fanless designs. Multicore scalability With the Intel Atom processor C3000 series, customers are able to scale performance and achieve workload consolidation in situations and use cases that uP to require very low power, high density, and high I/O integration. Designed in an FCBGA 34mm x 28mm compact form factor, this SoC-based CPU is manufactured on Intel’s optimized 14nm process technology, available from 2 to 12 cores from 2.3X 1.6 to 2.0 GHz, and includes up to 256 GB DDR4 2133 MHz ECC (SODIMM, UDIMM, better PerforMANce or RDIMM) of addressable memory.
    [Show full text]
  • Designed to Engage Students and Empower Educators
    PRODUCT BRIEF Intel® classmate PC – Convertible Intel® Celeron® Processors 847/NM70 (dual-core) Part of Intel® Education Solutions Designed to Engage Students and Empower Educators Designed to make learning more fun, creative, and engaging, the Intel® classmate PC – convertible brings together the best of Windows* 8 touch and keyboard experiences, the amazing performance of Intel® Celeron® processors, and Intel® Education Software. The new Intel classmate PC – convertible keeps students excited about learning. With the flip of the display, it quickly transforms from a full-featured PC to convenient tablet—with pen— making it easy to adapt the device to the teaching method and learning task at hand. Whether gathering field data with the HD camera and notating it with the pen, or analyzing, interpreting, and reporting results using collaborative Intel Education Software, the convertible classmate “The Intel classmate PC – convertible PC is designed for education and engineered for students to develop the 21st century skills needed to succeed in today’s global economy. creates an ecosystem of digital learning which encompasses 1:1 Highlights: technologies, independent learning, • Two devices in one: tablet and full-feature PC digital creativity, device management, • Supports both Windows 8 desktop and touch modes and learning beyond school. It is truly • Together with Intel Education Software, the convertible classmate PC is part of Intel Education Solutions versatile, easily catering for the • High Definition LCD display produces vivid
    [Show full text]
  • Intel Atom® P5900 Processors for 5G Network Edge Acceleration
    PRODUCT BRIEF | Intel Atom® P5900 Processors ADVANCED PERFORMANCE FOR 5G WIRELESS BASE STATIONS As the radio access network (RAN) infrastructure of wireless carriers evolves to meet the intense demands of 5G, additional compute is required at the edge of the network. Careful consideration is critical across the board—from overarching design down to the selection of key components in base transceiver station equipment—for 5G networks to reliably meet the demands of next-generation service opportunities with lower latencies, higher bandwidth, and increased network capacity. RAN INFRASTRUCTURE EVOLUTION Intel has never had a stronger or more comprehensive portfolio of solutions to enable the RAN. From Intel® Xeon® Scalable processors to Intel Atom® processors, FPGAs, ASICS, and more, Intel continues to deliver cutting-edge hardware for 5G infrastructure. Even so, it’s our significant investments in software that enable service providers to make the most of our hardware, from drivers and operating systems up through entire production-quality software stacks. This interconnected platform of hardware and software allows service providers to get to market quickly while still offering the flexibility needed to address various deployment scenarios. Furthermore, with the increasing adoption of innovations found in cloud deployments, service providers are realizing the benefits of extending a platform combining common cloud software with Intel® architecture-based hardware from the core to the edge. A common software ecosystem for platform virtualization and customer applications—using a common Intel instruction set architecture across the infrastructure—enables faster deployment of new software and features while also making new service offerings and revenue models possible. PRODUCT BRIEF | Intel Atom® P5900 Processors AN EXCITING NEW CLASS OF EDGE PROCESSORS Intel Atom P5900 processors are the first of an all-new class of high-throughput, low-latency Intel Atom P processors for high-density network edge and security solutions.
    [Show full text]
  • Intel® Embedded Software Development Tool Suite for Intel® Atom™ Processor
    Intel® Embedded Software Development Tool Suite For Intel® Atom™ processor Turbocharge your code for Intel® Atom™ processor-based Product Brief embedded systems Intel® Embedded Software High Performance Data, Media and Signal Powerful Application and JTAG-based Development Tool Suite Processing Libraries Debug for Intel® Atom™ processor High Performance C/C++ Compiler Advanced Performance Analysis Tool Benefit from a comprehensive software development tools solution for your Intel® Atom™ processor- based embedded system designs and application software development. Coding, compiling, debugging and performance tuning made simple. The Intel® Embedded Software Development Tool Suite for Intel® Atom™ processor is a complete solution that addresses embedded software development requirements for Intel® Atom™ processor- powered platforms such as embedded systems, tablets, netbooks, smartphones, IVI and other CE devices. The Embedded Software Development Tool Suite covers the entire software development cycle: coding, compiling, debugging, and analyzing performance. All included tools are Linux* hosted, are compatible with GNU tools, and support multiple Linux* OS based targets. Intel® C++ Compiler for Linux* Intel® Integrated Performance Primitives for Linux* Intel® Application Debugger for Intel® Atom™ processor Intel® JTAG Debugger for Intel® Atom™ processor Intel® VTune™ Amplifier XE for Linux* Compatibility and support for Linux* based targets e.g. Yocto Project* Features and Benefits Feature Benefits Intel® C++ Compiler Boost
    [Show full text]
  • Intel® Quark™ SE Microcontroller
    Bringing intelligence to the internet of things Introducing the Intel® Quark™ SE Microcontroller John Moore Intel IoT Application Engineer 2nd Nov 2016 Legal Disclaimers You may not use or facilitate the use of this document in connection with any infringement or other legal analysis concerning Intel products described herein. You agree to grant Intel a non-exclusive, royalty- free license to any patent claim thereafter drafted which includes subject matter disclosed herein No license (express or implied, by estoppel or otherwise) to any intellectual property rights is granted by this document. All information provided here is subject to change without notice. Contact your Intel representative to obtain the latest Intel product specifications and roadmaps. The products described may contain design defects or errors known as errata which may cause the product to deviate from published specifications. Current characterized errata are available on request. Copies of documents which have an order number and are referenced in this document may be obtained by calling 1-800-548-4725 or by visiting: http://www.intel.com/design/literature.htm Tests document performance of components on a particular test, in specific systems. Differences in hardware, software, or configuration will affect actual performance. Consult other sources of information to evaluate performance as you consider your purchase. For more complete information about performance and benchmark results, visit http://www.intel.com/performance. Intel technologies’ features and benefits depend on system configuration and may require enabled hardware, software or service activation. Performance varies depending on system configuration. No computer system can be absolutely secure. Check with your system manufacturer or retailer or learn more at intel.com.
    [Show full text]
  • Operating System Platforms
    Wind River Embraces IOT Zuo Yun: [email protected] © 2014 Wind River All rights reserved Wind River at a glance Aerospace & Defense Automotive Network Equipment Industrial & Medical Mobile & Consumer Applied Signal AWTC Europe Alcatel-Lucent ABB Canon BAE Systems BMW ARRIS Agilent Dell Boeing Bosch Avaya AREVA Epson EADS Clarion Ciena Bombardier Fuji-Xerox Elbit Group Continental Dialogic Emerson Electric IBM Finmeccanica Daimler Ericsson General Electric Intel General Dynamics Delphi Fujitsu Hitachi Medical Konica Minolta General Electric Fiat GENBAND Intel LG Electronics Harris Fujitsu Hitachi Invensys NEC Honeywell General Motors Huawei KUKA Oki ITT Harmann Hypercom Mitsubishi Industrial Prima Cinema L3 Communications HKMC Intel Mitsubishi Electric Qualcomm Lockheed Honda Kapsch Nikon Ricoh NASA Johnson Controls Kyocera Panasonic Samsung Northrop Grumman Mobis Motorola Philips Medical Sharp Orbital Sciences Nissan NEC Rockwell Automation SK Telecom Raytheon PSA Peugeot Citroen Nokia Schneider Electric Sony Rockwell Collins Renault Samsung Siemens Texas Instruments Thales Toyota Tellabs Sirona Dental Systems Toshiba U.S. Navy Valeo Group ZTE Toshiba Xerox Network Transformation App App “The Cloud” Private Cloud NFV Communications INTERNET Embedded Cloud SDN Data Center Big Data GATEWAY Cost Reductive LAN IoT Devices The Drive to 50 Billion Devices Intelligent Intelligent Devices Intelligent Systems Decision Making Cloud Networks Intelligent
    [Show full text]
  • Intel® SGX Trusted Computing Base (TCB) Recovery
    White Paper Intel® Software Guard Extensions (Intel® SGX) Intel® SGX Trusted Computing Base (TCB) Recovery Scope We designed Intel® Software Guard Extensions (Intel® SGX) with the ability to update it in order to address any issues that might arise in the future. Merely providing this update mechanism, however, is not sufficient for a secure service infrastructure: if a client’s update is voluntary, then the remote service could be communicating with a client that is out of date and subject to security vulnerabilities. To address this issue, Intel SGX was also given the means to cryptographically prove, via remote attestation, that the client update has taken place. The mechanics of this process have been outlined in the whitepaper titled “Intel® Software Guard Extensions: EPID Attestation and Services”[1]. Until now, Intel has not fully described the effects of performing an Intel SGX Trusted Computing Base (TCB) recovery on the end-user and developer community. This paper is intended to close this gap. Intel SGX Attestation Review Attestation is the process of demonstrating that a software executable has been properly instantiated on a platform. Intel SGX Attestation allows a remote party to gain confidence that the intended software is securely running within an enclave on a fully patched, Intel SGX enabled platform. The attestation conveys the following information in an assertion: The identities of software being attested. The details of unmeasured state (e.g., the mode software is running in). Data that the software associates with itself. Intel SGX uses an asymmetric attestation key, representing the Intel SGX Trusted Computing Base, to sign an assertion with the above information.
    [Show full text]
  • Intel® Atom™ Processor E3800 the Latest Low Power Platform E3800 Family Platform for Intelligent Systems
    Intel® Atom™ Processor E3800 The Latest Low Power Platform E3800 Family Platform for Intelligent Systems tŚŝůĞĚĞƐŝŐŶĞĚƚŽďĞĂƚƌƵĞƚĞƐƚŽĨ/ŶƚĞů͛ƐƉĞƌĨŽƌŵĂŶĐĞŝŶƚŚĞƵůƚƌĂŵŽďŝůĞƐƉĂĐĞ͕^ŝůǀĞƌŵŽŶƚŝƐƚŚĞĮƌƐƚƚƌƵĞĂƌĐŚŝƚĞĐƚƵƌĞ ƵƉĚĂƚĞƚŽ/ŶƚĞů͛ƐƚŽŵƉƌŽĐĞƐƐŽƌƐŝŶĐĞŝƚƐŝŶƚƌŽĚƵĐƟŽŶŝŶϮϬϬϴ͘>ĞǀĞƌĂŐŝŶŐ/ŶƚĞů͛ƐĮƌƐƚϮϮŶŵƉƌŽĐĞƐƐĂŶĚĂǀĞƌLJůŽǁƉŽǁĞƌͲ ŵŝĐƌŽĂƌĐŚŝƚĞĐƚƵƌĞ͕^ŝůǀĞƌŵŽŶƚĂŝŵƐƐƋƵĂƌĞůLJĂƚƚŚĞůĂƚĞƐƚ<ƌĂŝƚĐŽƌĞƐĨƌŽŵYƵĂůĐŽŵŵĂŶĚZD͛ƐŽƌƚĞdžϭϱ͘ĂƐĞĚŽŶ ^ŝůǀĞƌŵŽŶƚ͕/ŶƚĞůΠŝŶƚƌŽĚƵĐĞƐϯϴϬϬƉƌŽĚƵĐƚĨĂŵŝůLJ͕ĂƐĞƌŝĞƐŽĨƐLJƐƚĞŵŽŶĐŚŝƉ;^ŽͿĚĞƐŝŐŶĞĚĨŽƌůŽǁͲƉŽǁĞƌ͕ĨĞĂƚƵƌĞͲƌŝĐŚ ĂŶĚŚŝŐŚůLJͲĐĂƉĂďůĞĂƉƉůŝĐĂƟŽŶƐ͘ ϯϴϬϬƉƌŽĚƵĐƚĨĂŵŝůLJƚĂŬĞƐƵƉƚŽĨŽƵƌ^ŝůǀĞƌŵŽŶƚĐŽƌĞƐ͕ĂŶĚĨŽƌƚŚĞĮƌƐƚƟŵĞŝŶĂŶƵůƚƌĂŵŽďŝůĞ/ŶƚĞů^Ž͕ŝƐƉĂŝƌĞĚǁŝƚŚ /ŶƚĞů͛ƐŽǁŶŐƌĂƉŚŝĐƐ/W͘/ŶŽƚŚĞƌǁŽƌĚƐ͕ƌĂƚŚĞƌƚŚĂŶƵƐŝŶŐĂ'WhďůŽĐŬĨƌŽŵ/ŵĂŐŝŶĂƟŽŶdĞĐŚŶŽůŽŐŝĞƐ͕E3800 product family leverages the same GPU architecture as the 3rdŐĞŶĞƌĂƟŽŶ/ŶƚĞůŽƌĞƉƌŽĐĞƐƐŽƌƐ;ĐŽĚĞŶĂŵĞĚ/ǀLJƌŝĚŐĞͿ͘ Silvermont Core Highlights Better Performance Better Power Efficiency 22nm Architecture 200 250 150 300 100 350 50 400 0 450 500 Out-of-order execuon engine Wider dynamic operang range 3D Tri-gate transistors tuned for New mul-core and system fabric Enhanced acve and idle power SoC products architecture management Architecture and design co-opmized with the process New IA instrucons extensions (Intel Core Westmere Level) Bay Trail: Not just for Atoms anymore E3800 product family combines a CPU based on Intel’s new Silver- mont architecture with a GPU that is architecturally similar to (but 4xPCIe* less powerful than) the HD 4000 graphics engine integrated in the 3rdŐĞŶĞƌĂƟŽŶ/ŶƚĞůΠŽƌĞƉƌŽĐĞƐƐŽƌƐůĂƵŶĐŚĞĚŝŶĞĂƌůLJϮϬϭϮ͘dŚĞƐĞ
    [Show full text]