A FPGA-based Control-Flow Integrity Solution for Securing Bare-Metal Embedded Systems

Maunero, Nicolò; Prinetto, P.; Roascio, Gianluca; Varriale, Antonio

doi:10.1109/dtis48698.2020.9081314

Cited by 8 publications

(3 citation statements)

References 40 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Because of the small capabilities of these devices, this extension must be as tiny as possible in terms of additional computational resources, and must not compromise the real-time nature of the execution. An example is given by [14], where a lightweight solution is presented to protect firmware running on a microcontroller through the use of an external FPGA, which implements a checker. Checks are triggered at critical branch points by a single instruction that invokes the FPGA.…”

Section: Discussionmentioning

confidence: 99%

HArMoNICS: High-Assurance Microgrid Network Infrastructure Case Study

Roascio

Costa

Baccelli³

et al. 2022

IEEE Access

Self Cite

View full text Add to dashboard Cite

Modern Intelligent Infrastructures (II) are highly complex, interconnected systems that are now emerging. For instance, II can integrate technologies and processes to provide citizens with faster services and better goods. An average II can include many technologies, e.g., Cloud applications and IoT devices, under different environments, e.g., industry 4.0 production plants and smart buildings. Although II bring concrete benefits to all of these contexts, they also carry security concerns. Reasoning about threats and security exposures that might affect II is non trivial. This is only partially due to their inherent complexity. As a matter of fact, real II are typically in charge of some critical operations that cannot be interrupted or compromised for experimental purposes. An alternative solution is to rely on digital replicas which can provide a good trade off between realism and usability. These assets represent a strategic and highly demanded resource for the security community. In this paper we present HArMoNICS, a case study infrastructure meant to provide a playground for security experts interested in II security. HArMoNICS revolves around a digital replica of a real Smart Polygeneration Microgrid (SPM) located in Italy. Although most of the components are based on or inspired to the real system, HArMoNICS has been enriched with further security-relevant features. As a result, the case study includes vertical uses cases focusing on specific security topics. Security researchers can use it to assess the effectiveness of new methodologies, to carry out security training activities, or even to extend it with new elements.

show abstract

Section: Discussionmentioning

confidence: 99%

HArMoNICS: High-Assurance Microgrid Network Infrastructure Case Study

Roascio

Costa

Baccelli³

et al. 2022

IEEE Access

Self Cite

View full text Add to dashboard Cite

show abstract

“…The fine-grained CFI performs static analysis on the code before execution, constructs corresponding control flow graphs, and verifies the validity of all transfer instructions at runtime. Although fine-grained checking mechanisms offer high security, they typically lead to considerable performance overhead [ 2 ], which makes their practical application in embedded systems difficult. Hu proposed the unique code target (UCT) CFI attribute and developed an uCFI prototype based on this attribute.…”

Section: Introductionmentioning

confidence: 99%

Securing Embedded System from Code Reuse Attacks: A Lightweight Scheme with Hardware Assistance

An,

Wang,

et al. 2023

Micromachines

View full text Add to dashboard Cite

The growing prevalence of embedded systems in various applications has raised concerns about their vulnerability to malicious code reuse attacks. Current software-based and hardware-assisted security techniques struggle to detect or block these attacks with minor performance and implementation overhead. To address this issue, this paper presents a lightweight hardware-assisted scheme to enhance the security of embedded systems against code reuse attacks. We develop an on-chip lightweight hardware shadow stack to validate target addresses at runtime for backward-edge control flow integrity, which backs up valid return addresses during function calls and automatically verifies actual return addresses during the return phase. Additionally, we propose a lightweight stream cipher circuit that encrypts and decrypts critical stack data related to control flow manipulation, preventing attackers from analyzing or tampering with them. When designing and implementing the security mechanism for embedded systems, we fully consider the constraints of limited system resources and performance, optimizing both the architecture design and implementation of the proposed hardware. Finally, we integrate both the proposed lightweight hardware shadow stack and the runtime data encryption hardware into the OR1200 processor. We have verified the system security function on the Terasic DE1-SoC FPGA platform and evaluated the system performance as well as implementation overhead. The results show that the proposed lightweight hardware-assisted scheme can provide a dedicated defense capability against code reuse attacks for embedded systems, with an average system performance overhead of 0.39% and an area footprint of 0.316 mm2.

show abstract

“…While popular architectures already have instruction sets that implement CFI, new proposals are emerging that implement these protections for FPGA systems [26,18] and RISC-V [15]. Besides hardware implementations, Section 2.1.6 present the need for even finer policies, so current research proposes new policies that aim at the reduction of EC sizes [42].…”

Section: New Researchesmentioning

confidence: 99%

Including the dynamic context of execution to improve CFI policies evaluation

Terra Delboni

View full text Add to dashboard Cite

Programas desenvolvidos em linguagem de nível intermediário (como C e C++) são vulneráveis a ataques conhecidos como Sequestro de Fluxo de Controle (CFH). Esses ataques usam pequenas vulnerabilidades de memória para corromper um programa e permitir o atacante a executar instruções arbitrárias. Bloquear CFH atualmente exige que o programa seja desenvolvido usando ferramentas específicas que garantam que não será possível corromper a memória de dados, o que não é prático para códigos já existentes. Nesses casos, o ataque pode apenas ser mitigado. Entre as soluções mais populares está Integridade de Fluxo de Controle (CFI), porém diferentes implementações de CFI possuem eficiência diferente em relação a segurança oferecida. Os atuais avanços para CFI dependem de comparar as diferentes implementações para escolher a melhor e de melhorar as implementações já existentes.Nessa tese será explorado o contexto dinâmico de execução como parâmetro para comparar as implementações de CFI. Isso vai permitir um melhor entendimento de o quão protegida estão as áreas de mais fácil acesso para o atacante. Será proposto uma forma de alterar as implementações já existentes que foca em proteger essas regiões. A pesquisa será validada por experimentos onde atualiza-se uma solução chamada KCFI, que foi a primeira proposta de CFI capaz de proteger o kernel Linux. A atualização nos permite extrair o contexto dinâmico de execução, calcular as métricas propostas e aplicar as mudanças que protegem focam em proteger as zonas mais acessíveis aos atacantes.

show abstract

A FPGA-based Control-Flow Integrity Solution for Securing Bare-Metal Embedded Systems

Cited by 8 publications

References 40 publications

HArMoNICS: High-Assurance Microgrid Network Infrastructure Case Study

HArMoNICS: High-Assurance Microgrid Network Infrastructure Case Study

Securing Embedded System from Code Reuse Attacks: A Lightweight Scheme with Hardware Assistance

Including the dynamic context of execution to improve CFI policies evaluation

Contact Info

Product

Resources

About