Zizheng Guo,Tsung-Wei Huang,Zhou Jin,Cheng Zhuo,Yibo Lin,Runsheng Wang,Ru Huang

DOI: https://doi.org/10.23919/date58400.2024.10546507

2024-01-01

Abstract:Static timing analysis (STA) in advanced technology nodes encounter many new challenges in analysis accuracy and speed efficiency. To accurately model complex interconnect networks, existing timers have leveraged reduced-order models with effective capacitance to design advanced delay calculation algorithms. However, the iterative nature of these algorithms makes them extremely time-consuming to use in a timer, significantly limiting their capability in many timing-driven applications. To overcome this challenge, we propose a novel GPU-accelerated delay calculator that targets Arnoldi-based model order reduction with an effective capacitance algorithm. We design efficient numerical kernels for batched nodal analysis model construction, LU decom-position, Krylov subspace calculation, eigenvalue decomposition, and Newton-Raphson iteration. Compared with two industrial standard timers, PrimeTime and OpenSTA, we achieve a strong correlation with up to 7.27x and 14.03x speed-up, respectively.

Divya Ojha,Sandhya Dwarkadas

DOI: https://doi.org/10.1109/ISCA52012.2021.00037

2021-12-17

Abstract:Timing side channels have been used to extract cryptographic keys and sensitive documents, even from trusted enclaves. In this paper, we focus on cache side channels created by access to shared code or data in the memory hierarchy. This vulnerability is exploited by several known attacks, e.g, evict+reload for recovering an RSA key and Spectre variants for data leaked due to speculative accesses. The key insight in this paper is the importance of the first access to the shared data after a victim brings the data into the cache. To eliminate the timing side channel, we ensure that the first access by a process to any cache line loaded by another process results in a miss. We accomplish this goal by using a combination of timestamps and a novel hardware design to allow efficient parallel comparisons of the timestamps. The solution works at all the cache levels and defends against an attacker process running on another core, same core, or another hyperthread. Our design retains the benefits of a shared cache: allowing processes to utilize the entire cache for their execution and retaining a single copy of shared code and data (data deduplication). Our implementation in the GEM5 simulator demonstrates that the system is able to defend against RSA key extraction. We evaluate performance using SPECCPU2006 and observe overhead due to first access delay to be 2.17%. The overhead due to the security context bookkeeping is of the order of 0.3%.

Cryptography and Security

Yue Zhang,Ziyuan Zhu,Dan Meng

DOI: https://doi.org/10.48550/arXiv.1910.12021

2019-10-26

Abstract:Different from the traditional software vulnerability, the microarchitecture side channel has three characteristics: extensive influence, potent threat, and tough defense. The main reason for the micro-architecture side channel is resource sharing. There are many reasons for resource sharing, one of which is SMT (Simultaneous Multi-Threading) technology. In this paper, we define the SMT Transient Channel, which uses the transient state of shared resources between threads to steal information. To mitigate it, we designed a security demand-based dynamic mitigation (DDM) to Mitigate the SMT transient channels. The DDM writes the processes' security requirements to the CPU register sets, and the operating system calls the HLT instruction to dynamically turn on and off the hyper-threading according to the register values to avoid the side channels caused by execution resource sharing. During the implementation of the scheme, we modified the Linux kernel and used the MSR register groups of Intel processor. The evaluation results show that DDM can effectively protect against the transient side-channel attacks such as PortsMash that rely on SMT, and the performance loss of DDM is less than 8%.

Cryptography and Security

Zhan-Hui Li,Tao-Tao Zhu,Zhi-Jian Chen,Jian-Yi Meng,Xiao-Yan Xiang,Xiao-Lang Yan

DOI: https://doi.org/10.1109/tvlsi.2016.2587810

2017-01-01

IEEE Transactions on Very Large Scale Integration (VLSI) Systems

Abstract:In advanced technology nodes, large timing margins must be added to allow for worse process, voltage, temperature, and aging variations. The error detection and correction (EDAC) technique effectively eliminates these margins by timing speculation, but the high design complexity and large hardware cost make many existing EDAC systems unsuitable for commercial processors. Based on the instruction-level locality of timing errors, a collaborative EDAC approach is proposed to address this issue. The hardware layer adopts simple and low cost EDAC circuits to ensure correct operation when timing error occurs, while a runtime software layer prevents recurring errors of the same instruction by sending timing error alarms to the hardware layer. Cooperation of both layers, accompanied with the proposed profile-guided timing error avoidance algorithm, eliminates more than 95% of errors with small runtime overhead. This significantly improves overall performance and alleviates pressure on the EDAC circuits. Experimental results based on the three-stage commercial CK802 processor in SMIC 40LL process present that the approach has improved the peak performance of the baseline EDAC system (Razor-Lite + half-frequency replay) by 8% and reduced the energy consumption by 25%, with less than 1.4% area overhead.

Jiliang Zhang,Congcong Chen,Jinhua Cui,Keqin Li

DOI: https://doi.org/10.1145/3645109

IF: 16.6

2024-02-07

ACM Computing Surveys

Abstract:Microarchitectural vulnerabilities, such as Meltdown and Spectre, exploit subtle microarchitecture state to steal the user’s secret data and even compromise the operating systems (OSes). In recent years, considerable discussion lies in understanding the attack-defense mechanisms and exploitability of such vulnerabilities. Unfortunately, there have been few investigations into a systematic elaboration of threat models, attack scenarios and requirements, and defense targets of the resulting attacks. In this article, we fill this gap and make the following contributions. We first propose two sets of taxonomies for classifying microarchitectural timing side-channel attacks (MTSCAs) and their countermeasures according to various attack conditions. Based on the taxonomies proposed, we then review published attacks and existing defenses and systematically analyze their internals. In particular, we also provide a comprehensive analysis of the similarities and differences among those attacks, uncovering the corresponding practicality and severity by identifying the attack targets/platforms and the security boundaries that can be bypassed to reveal information. We further examine the scalability of those defenses through specifying expected defense goals and costs. We also discuss corresponding detection methods based on different classifications. Finally, we propose several key challenges of existing countermeasures and the attack trends, and discuss directions for future research.

computer science, theory & methods

Jan Philipp Thoma,Christian Niesler,Dominic Funke,Gregor Leander,Pierre Mayr,Nils Pohl,Lucas Davi,Tim Güneysu

DOI: https://doi.org/10.48550/arXiv.2104.11469

2022-08-18

Abstract:In the recent past, we have witnessed the shift towards attacks on the microarchitectural CPU level. In particular, cache side-channels play a predominant role as they allow an attacker to exfiltrate secret information by exploiting the CPU microarchitecture. These subtle attacks exploit the architectural visibility of conflicting cache addresses. In this paper, we present ClepsydraCache, which mitigates state-of-the-art cache attacks using a novel combination of cache decay and index randomization. Each cache entry is linked with a Time-To-Live (TTL) value. We propose a new dynamic scheduling mechanism of the TTL which plays a fundamental role in preventing those attacks while maintaining performance. ClepsydraCache efficiently protects against the latest cache attacks such as Prime+(Prune+)Probe. We present a full prototype in gem5 and lay out a proof-of-concept hardware design of the TTL mechanism, which demonstrates the feasibility of deploying ClepsydraCache in real-world systems.

Cryptography and Security,Hardware Architecture

Johannes Müller,Anna Lena Duque Antón,Lucas Deutschmann,Dino Mehmedagić,Cristiano Rodrigues,Daniel Oliveira,Keerthikumara Devarajegowda,Mohammad Rahmani Fadiheh,Sandro Pinto,Dominik Stoffel,Wolfgang Kunz

DOI: https://doi.org/10.1145/3649329.3656541

2024-07-18

Abstract:Microarchitectural timing side channels have been thoroughly investigated as a security threat in hardware designs featuring shared buffers (e.g., caches) or parallelism between attacker and victim task execution. However, contradicting common intuitions, recent activities demonstrate that this threat is real even in microcontroller SoCs without such features. In this paper, we describe SoC-wide timing side channels previously neglected by security analysis and present a new formal method to close this gap. In a case study on the RISC-V Pulpissimo SoC, our method detected a vulnerability to a previously unknown attack variant that allows an attacker to obtain information about a victim's memory access behavior. After implementing a conservative fix, we were able to verify that the SoC is now secure w.r.t. the considered class of timing side channels.

Cryptography and Security

Xin Zhang,Zhi Zhang,Qingni Shen,Wenhao Wang,Yansong Gao,Zhuoxi Yang,Jiliang Zhang

DOI: https://doi.org/10.1109/hpca57654.2024.00039

2024-01-01

Abstract:Interrupts are critical hardware resources for OS kernels to schedule processes. As they are related to system activities, interrupts can be used to mount various side-channel attacks (i.e., monitoring keystrokes, inferring website visits, detecting GPU activities, and fingerprinting processes). Given that all these attacks rely on system file interfaces or architectural timers to probe interrupts, various countermeasures have been proposed to either remove the unprivileged access to the file interfaces or detect/cripple architectural timers. In this work, we propose SegScope, a new technique that abuses segment protection to provision fine-grained interrupt observations without any timer. As segment protection is widely used on x86, SegScope works across a wide range of Intel- and AMD-based CPUs. Particularly, we observe that while segment protection preserves the confidentiality of high privileged domain, it leaves a footprint via the data segment registers values when an interrupt occurs. With this key observation, SegScope is crafted by capturing the footprints. To show its security implications, we evaluate it in four case studies. First, SegScope has inferred website visits with a respective success rate of 92.4% on Chrome and 87.4% on Tor Browser in default system settings. Second, SegScope successfully extracts the keys from Cloudflare's Interoperable Reusable Cryptographic Library (CIRCL) v1.1. Third, SegScope steals DNN model architectures with an accuracy of over 80%. Last, SegScope effectively reduces the noise of interrupts to improve the performance of other side channels. As an example, SegScope reduces the error rate of Spectral side channel by 56x. Compared with existing timer-based interrupt-probing techniques, SegScope is fine-grained without introducing false-positives. Further, we leverage SegScope to craft a fine-grained timer, as regular timer interrupts as clock edges contain timestamps. Our evaluation shows that it achieves the same level of timing granularity as the high-resolution timer, i.e., rdtsc and rdpru. We then leverage the timer to break KASLR in about 10 seconds and mount a Flush+Reload based Spectre attack.

Yuan Yao,Wenzhi Chen,Tulika Mitra,Yang Xiang

DOI: https://doi.org/10.1109/tpds.2017.2719679

2016-01-01

Abstract:As we enter the era of many-core, providing the shared memory abstraction through cache coherence has become progressively difficult. The standard directory-based coherence does not scale well with increasing core count. Timestamp-based hardware coherence protocols introduced recently offer an attractive alternative solution. This paper proposes a timestamp-based coherence protocol, called TC-Release++, that efficiently supports cache coherence in large-scale systems. Our approach is inspired by TC-Weak, a recently proposed timestamp-based coherence protocol targeting GPU architectures. We first design TC-Release in an attempt to straightforwardly port TC-Weak to general-purpose many-cores. But re-purposing TC-Weak for general-purpose many-core architectures is challenging due to significant differences both in architecture and the programming model. Indeed the performance of TC-Release turns out to be worse than conventional directory protocols. We overcome the limitations and overheads of TC-Release by exploiting simple hardware support to eliminate frequent memory stalls, and an optimized lifetime prediction mechanism to improve cache performance. The resulting optimized coherence protocol TC-Release++ is highly scalable (storage scales logarithmically with core count) and shows better performance (3.0 percent) and comparable network traffic (within 1.3 percent) relative to the baseline MESI directory protocol. We use Murphi to formally verify that TC-Release++ is error-free and imposes small verification cost.

Rui Chang,Liehui Jiang,Wenzhi Chen,Yang Xiang,Yuxia Cheng,Abdulhameed Alelaiwi

DOI: https://doi.org/10.1007/s10586-017-0833-4

2017-01-01

Cluster Computing

Abstract:With the rapid development of Internet of Things technology and the promotion of embedded devices’ computation performance, smart devices are probably open to security threats and attacks while connecting with rich and novel Internet. Attracting lots of attention in embedded system security community recently, Trusted Execution Environment (TEE), allows for the execution of arbitrary code within environments completely isolated from the rest of a system. However, existing memory protection methods in a TEE are inadequate. In general, the software-based formal methods are not practical and the hardware-based implementation approaches lack of theoretical proof. To address the memory isolation and protection problems in TEE, in this paper, we propose a practical memory integrity protection method on an ARM-based platform, called MIPE, to defend against security threats including kernel data attacks and direct memory access attacks. MIPE utilizes TrustZone technique to create a isolated execution environment, which can protect the sensitive code and data against attacks. To present the integrity protection strategies, we provide the design of MIPE using B method, which is a practical formal method. We also implement MIPE on the Xilinx Zynq ZC702 evaluation board. The evaluation results show that the automatic proof rate of machines using B method is about 78.32%, and the proposed method is effective and feasible in terms of both load time and overhead.

Zelalem Birhanu Aweke,Todd Austin

DOI: https://doi.org/10.48550/arXiv.1703.07706

2017-03-11

Abstract:Time variation during program execution can leak sensitive information. Time variations due to program control flow and hardware resource contention have been used to steal encryption keys in cipher implementations such as AES and RSA. A number of approaches to mitigate timing-based side-channel attacks have been proposed including cache partitioning, control-flow obfuscation and injecting timing noise into the outputs of code. While these techniques make timing-based side-channel attacks more difficult, they do not eliminate the risks. Prior techniques are either too specific or too expensive, and all leave remnants of the original timing side channel for later attackers to attempt to exploit. In this work, we show that the state-of-the-art techniques in timing side-channel protection, which limit timing leakage but do not eliminate it, still have significant vulnerabilities to timing-based side-channel attacks. To provide a means for total protection from timing-based side-channel attacks, we develop Ozone, the first zero timing leakage execution resource for a modern microarchitecture. Code in Ozone execute under a special hardware thread that gains exclusive access to a single core's resources for a fixed (and limited) number of cycles during which it cannot be interrupted. Memory access under Ozone thread execution is limited to a fixed size uncached scratchpad memory, and all Ozone threads begin execution with a known fixed microarchitectural state. We evaluate Ozone using a number of security sensitive kernels that have previously been targets of timing side-channel attacks, and show that Ozone eliminates timing leakage with minimal performance overhead.

Cryptography and Security,Hardware Architecture

Somdip Dey,Amit Kumar Singh,Xiaohang Wang,Klaus Dieter McDonald-Maier

DOI: https://doi.org/10.48550/arXiv.2007.01377

2020-07-03

Abstract:Given the constant rise in utilizing embedded devices in daily life, side channels remain a challenge to information flow control and security in such systems. One such important security flaw could be exploited through temperature side-channel attacks, where heat dissipation and propagation from the processing elements are observed over time in order to deduce security flaws. In our proposed methodology, DATE: Defense Against TEmperature side-channel attacks, we propose a novel approach of reducing spatial and temporal thermal gradient, which makes the system more secure against temperature side-channel attacks, and at the same time increases the reliability of the device in terms of lifespan. In this paper, we have also introduced a new metric, Thermal-Security-in-Multi-Processors (TSMP), which is capable of quantifying the security against temperature side-channel attacks on computing systems, and DATE is evaluated to be 139.24% more secure at the most for certain applications than the state-of-the-art, while reducing thermal cycle by 67.42% at the most.

Cryptography and Security,Hardware Architecture,Computer Vision and Pattern Recognition,Machine Learning

Tianning Zhang,Miao Cai,Diming Zhang,Hao Huang

DOI: https://doi.org/10.1109/TrustCom50675.2020.00045

2020-01-01

Abstract:Recently, many effective defensive methods (e.g., ASLR, execute-only-memory) have been proposed to defeat the code reuse attack in the software system. These approaches provide strong system protection through address randomization or memory access restriction. However, this paper identifies a new weak point in these approaches, i.e., missing time protection. We propose a new attack method called timing function attack, which can initiate a code reuse attack even against the state-of-the-art defense techniques. Previous solutions utilize various techniques to hide the spatial information. However, we still can obtain critical security information through the time channel. Specifically, we leverage the function execution time to conduct a side-channel attack. Further, we de-randomize the code segment layout with the timing-channel attack result. Finally, we perform a code-reuse attack with gadgets gathered in previous steps, compromising the whole system. To validate our timing function attack in the real world, we conduct two attacks on two JavaScript engines, i.e., ChakraCore and Chrome v8. Evaluation results show that our attack can successfully bypass the existing defense techniques, such as function-granularity ASLR and XOM, and escalate the privilege. Besides, we also discuss some solutions to prevent and defend our proposed timing function attack.

Chenlu Miao,Kai Bu,Mengming Li,Shaowu Mao,Jianwei Jia

DOI: https://doi.org/10.1109/micro56248.2022.00052

2022-01-01

Abstract:Cache coherence states have recently been exploited to leak secrets through timing-channel attacks. The root cause lies in the fact that shared data in state Exclusive (E) and state Shared (S) are served from different cache layers. The state-of-the-art countermeasure—S-MESI—serves both E- and S-state shared data from the last-level cache (LLC) by explicitly synchronizing the Modified (M) state across private caches and the LLC. This has to sacrifice the silent upgrade feature that MESI introduces for speedup. Moreover, it enforces protection to not only exploitable shared data but also unshared data. This further slows down performance, especially for write-after-read intensive applications. In this paper, we propose SwiftDir to efficiently secure cache coherence against cover-channel attacks without overprotection. SwiftDir fundamentally narrows down the protection scope to write-protected data. Such exploitable shared data can be uniquely identified with the write-protection permission in the memory management unit (MMU) and do not necessarily transit to state M. We validate this idea through tracing system calls of shared libraries on Linux. We then investigate all three commercial cache architectures (i.e., PIPT, VIPT, and VIVT) and find it feasible to hitchhike the address translation process to transmit the write-protection information from the MMU to the coherence controller. Then SwiftDir enforces protection over only write-protected data by serving all requests toward them directly from the LLC with a constant latency. This not only simplifies how MESI handles write-protected data but also avoids how S-MESI overprotects them. Meanwhile, SwiftDir still preserves silent upgrade for efficient handling of unshared data. Extensive experiments demonstrate that our SwiftDir can secure cache coherence while outperforming not only secure SMESI but also unprotected MESI.

Jacob Fustos,Michael Bechtel,Heechul Yun

DOI: https://doi.org/10.48550/arXiv.2003.12208

2020-06-23

Abstract:Transient execution attacks utilize micro-architectural covert channels to leak secrets that should not have been accessible during logical program execution. Commonly used micro-architectural covert channels are those that leave lasting footprints in the microarchitectural state, for example, a cache state change, from which the secret is recovered after the transient execution is completed. In this paper, we present SpectreRewind, a new approach to create contention based covert channels for transient execution attacks. In our approach, a covert channel is established by issuing the necessary instructions logically before the transiently executed victim code. Unlike prior contention based covert channels, which require simultaneous multi-threading (SMT), SpectreRewind supports single hardware thread based covert channels, making it viable on systems where attacker cannot utilize SMT. We show that contention on the floating point division unit on commodity processors can be used to create a high-performance (~100 KB/s), low-noise covert channel for transient execution attacks instead of commonly used flush+reload based cache covert channels. We implement a Meltdown attack utilizing the proposed covert channel showing competitive performance compared to the stateof-the-art cache based covert channel implementation. We also show that the covert channel works in the JavaScript engine of a Chrome browser.

Cryptography and Security

Qian Ge,Yuval Yarom,Tom Chothia,Gernot Heiser

DOI: https://doi.org/10.48550/arXiv.1810.05345

2018-10-16

Abstract:Timing channels enable data leakage that threatens the security of computer systems, from cloud platforms to smartphones and browsers executing untrusted third-party code. Preventing unauthorised information flow is a core duty of the operating system, however, present OSes are unable to prevent timing channels. We argue that OSes must provide time protection in addition to the established memory protection. We examine the requirements of time protection, present a design and its implementation in the seL4 microkernel, and evaluate its efficacy as well as performance overhead on Arm and x86 processors.

Operating Systems

Konstantinos Kanellopoulos,F. Nisa Bostanci,Ataberk Olgun,A. Giray Yaglikci,Ismail Emir Yuksel,Nika Mansouri Ghiasi,Zulal Bingol,Mohammad Sadrosadati,Onur Mutlu

2024-10-11

Abstract:The adoption of processing-in-memory (PiM) architectures has been gaining momentum because they provide high performance and low energy consumption by alleviating the data movement bottleneck. Yet, the security of such architectures has not been thoroughly explored. The adoption of PiM solutions provides a new way to directly access main memory, which malicious user applications can exploit. We show that this new way to access main memory opens opportunities for high-throughput timing attacks that are hard-to-mitigate without significant performance overhead. We introduce IMPACT, a set of high-throughput main memory-based timing attacks that leverage characteristics of PiM architectures to establish covert and side channels. IMPACT enables high-throughput communication and private information leakage by exploiting the shared DRAM row buffer. To achieve high throughput, IMPACT (i) eliminates cache bypassing steps required by processor-centric main memory and cache-based timing attacks and (ii) leverages the intrinsic parallelism of PiM operations. We showcase two applications of IMPACT. First, we build two covert-channel attacks that run on the host CPU and leverage different PiM approaches to gain direct and fast access to main memory and establish high-throughput communication covert channels. Second, we showcase a side-channel attack that leaks private information of concurrently running victim applications that are accelerated with PiM. Our results demonstrate that (i) our covert channels achieve 12.87 Mb/s and 14.16 Mb/s communication throughput, respectively, which is up to 4.91x and 5.41x faster than the state-of-the-art main memory-based covert channels, and (ii) our side-channel attack allows the attacker to leak secrets with a low error rate. To avoid such covert and side channels in emerging PiM systems, we propose and evaluate three defenses.

Cryptography and Security,Hardware Architecture

Nils Wistoff,Moritz Schneider,Frank K. Gürkaynak,Luca Benini,Gernot Heiser

DOI: https://doi.org/10.48550/arXiv.2005.02193

2020-05-01

Abstract:Covert channels enable information leakage across security boundaries of the operating system. Microarchitectural covert channels exploit changes in execution timing resulting from competing access to limited hardware resources. We use the recent experimental support for time protection, aimed at preventing covert channels, in the seL4 microkernel and evaluate the efficacy of the mechanisms against five known channels on Ariane, an open-source 64-bit application-class RISC-V core. We confirm that without hardware support, these defences are expensive and incomplete. We show that the addition of a single-instruction extension to the RISC-V ISA, that flushes microarchitectural state, can enable the OS to close all five evaluated covert channels with low increase in context switch costs and negligible hardware overhead. We conclude that such a mechanism is essential for security.

Cryptography and Security,Hardware Architecture

Nils Wistoff,Gernot Heiser,Luca Benini

2024-09-12

Abstract:Microarchitectural timing channels exploit information leakage between security domains that should be isolated, bypassing the operating system's security boundaries. These channels result from contention for shared microarchitectural state. In the RISC-V instruction set, the temporal fence instruction (fence.t) was proposed to close timing channels by providing an operating system with the means to temporally partition microarchitectural state inexpensively in simple in-order cores. This work explores challenges with fence.t in superscalar out-of-order cores featuring large and pervasive microarchitectural state. To overcome these challenges, we propose a novel SW-supported temporal fence (fence.t.s), which reuses existing mechanisms and supports advanced microarchitectural features, enabling full timing channel protection of an exemplary out-of-order core (OpenC910) at negligible hardware costs and a minimal performance impact of 1.0 %.

Cryptography and Security

Jawad Haj-Yahya,Jeremie S. Kim,A. Giray Yaglikci,Ivan Puddu,Lois Orosa,Juan Gómez Luna,Mohammed Alser,Onur Mutlu

DOI: https://doi.org/10.48550/arXiv.2106.05050

2021-06-09

Distributed, Parallel, and Cluster Computing

Abstract:To operate efficiently across a wide range of workloads with varying power requirements, a modern processor applies different current management mechanisms, which briefly throttle instruction execution while they adjust voltage and frequency to accommodate for power-hungry instructions (PHIs) in the instruction stream. Doing so 1) reduces the power consumption of non-PHI instructions in typical workloads and 2) optimizes system voltage regulators' cost and area for the common use case while limiting current consumption when executing PHIs. However, these mechanisms may compromise a system's confidentiality guarantees. In particular, we observe that multilevel side-effects of throttling mechanisms, due to PHI-related current management mechanisms, can be detected by two different software contexts (i.e., sender and receiver) running on 1) the same hardware thread, 2) co-located Simultaneous Multi-Threading (SMT) threads, and 3) different physical cores. Based on these new observations on current management mechanisms, we develop a new set of covert channels, IChannels, and demonstrate them in real modern Intel processors (which span more than 70% of the entire client and server processor market). Our analysis shows that IChannels provides more than 24x the channel capacity of state-of-the-art power management covert channels. We propose practical and effective mitigations to each covert channel in IChannels by leveraging the insights we gain through a rigorous characterization of real systems.