Secure Instruction and Data-Level Information Flow Tracking Model for RISC-V
-
Published:2023-11-16
Issue:4
Volume:7
Page:58
-
ISSN:2410-387X
-
Container-title:Cryptography
-
language:en
-
Short-container-title:Cryptography
Author:
Nicholas Geraldine Shirley1, Aklekar Dhruvakumar Vikas1, Thakar Bhavin1, Saqib Fareena1
Affiliation:
1. Electrical and Computer Engineering, University of North Carolina at Charlotte, Charlotte, NC 28262, USA
Abstract
With the proliferation of electronic devices, third-party intellectual property (3PIP) integration in the supply chain of the semiconductor industry and untrusted actors/fields have raised hardware security concerns that enable potential attacks, such as unauthorized access to data, fault injection and privacy invasion. Different security techniques have been proposed to provide resilience to secure devices from potential vulnerabilities; however, no one technique can be applied as an overarching solution. We propose an integrated Information Flow Tracking (IFT) technique to enable runtime security to protect system integrity by tracking the flow of data from untrusted communication channels. Existing hardware-based IFT schemes are either fine-, which are resource-intensive, or coarse-grained models, which have minimal precision logic, providing either control-flow or data-flow integrity. No current security model provides multi-granularity due to the difficulty in balancing both the flexibility and hardware overheads at the same time. This study proposes a multi-level granularity IFT model that integrates a hardware-based IFT technique with a gate-level-based IFT (GLIFT) technique, along with flexibility, for better precision and assessments. Translation from the instruction level to the data level is based on module instantiation with security-critical data for accurate information flow behaviors without any false conservative flows. A simulation-based IFT model is demonstrated, which translates the architecture-specific extensions into a compiler-specific simulation model with toolchain extensions for Reduced Instruction Set Architecture (RISC-V) to verify the security extensions. This approach provides better precision logic by enhancing the tagged mechanism with 1-bit tags and implementing an optimized shadow logic that eliminates the area overhead by tracking the data for only security-critical modules.
Subject
Applied Mathematics,Computational Theory and Mathematics,Computer Networks and Communications,Computer Science Applications,Software
Reference48 articles.
1. Newsome, J., and Song, D. (2005, January 3). Dynamic taint analysis for automatic detection, analysis, and signature generation of exploits on commodity software. Proceedings of the 12th Annual Network and Distributed System Security Symposium (NDSS ’05), San Diego, CA, USA. 2. Raksha;Dalton;ACM SIGARCH Comput. Arch. News,2007 3. Hardware Information Flow Tracking;Hu;ACM Comput. Surv.,2021 4. Suh, G.E., Lee, J.W., Zhang, D., and Devadas, S. (2004, January 7–13). Secure program execution via dynamic information flow tracking. Proceedings of the 11th International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS XI), Boston, MA, USA. 5. Chen, K., Guo, X., Deng, Q., and Jin, Y. (2021). Dynamic Information Flow Tracking: Taxonomy, Challenges, and Opportunities. Micromachines, 12.
Cited by
2 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献
|
|