Compiler-assisted architectural support for program code integrity monitoring in application-specific instruction set processors

2007 25th International Conference on Computer Design Pub Date : 2007-10-01 DOI:10.1109/ICCD.2007.4601899

Hai Lin, Xuan Guan, Yunsi Fei, Z. Shi

{"title":"Compiler-assisted architectural support for program code integrity monitoring in application-specific instruction set processors","authors":"Hai Lin, Xuan Guan, Yunsi Fei, Z. Shi","doi":"10.1109/ICCD.2007.4601899","DOIUrl":null,"url":null,"abstract":"(ASIPs) are being increasingly used in mobile embedded systems, the ubiquitous networking connections have exposed these systems under various malicious security attacks, which may alter the program code running on the systems. In addition, soft errors in microprocessors can also change program code and result in system malfunction. At the instruction level, all code modifications are manifested as bit flips. In this work, we present a generalized methodology for monitoring code integrity at run-time in ASIPs, where both the instruction set architecture (ISA) and the underlying microarchitecture can be customized for a particular application domain. Based on the microoperation-based monitoring architecture that we have presented in previous work, we propose a compiler-assisted and application-controlled management approach for the monitoring architecture. Experimental results show that compared with the OS-managed scheme and other compiler-assisted schemes, our approach can detect program code integrity compromises with much less performance degradation.","PeriodicalId":6306,"journal":{"name":"2007 25th International Conference on Computer Design","volume":"9 1","pages":"187-193"},"PeriodicalIF":0.0000,"publicationDate":"2007-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2007 25th International Conference on Computer Design","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICCD.2007.4601899","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 5

Abstract

(ASIPs) are being increasingly used in mobile embedded systems, the ubiquitous networking connections have exposed these systems under various malicious security attacks, which may alter the program code running on the systems. In addition, soft errors in microprocessors can also change program code and result in system malfunction. At the instruction level, all code modifications are manifested as bit flips. In this work, we present a generalized methodology for monitoring code integrity at run-time in ASIPs, where both the instruction set architecture (ISA) and the underlying microarchitecture can be customized for a particular application domain. Based on the microoperation-based monitoring architecture that we have presented in previous work, we propose a compiler-assisted and application-controlled management approach for the monitoring architecture. Experimental results show that compared with the OS-managed scheme and other compiler-assisted schemes, our approach can detect program code integrity compromises with much less performance degradation.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

在特定于应用程序的指令集处理器中对程序代码完整性监视的编译器辅助体系结构支持

(asip)在移动嵌入式系统中的应用越来越多，无处不在的网络连接使这些系统暴露在各种恶意安全攻击之下，这些攻击可能会改变系统上运行的程序代码。此外，微处理器中的软错误也会改变程序代码，导致系统故障。在指令级，所有代码修改都表现为位翻转。在这项工作中，我们提出了一种在api运行时监控代码完整性的通用方法，其中指令集体系结构(ISA)和底层微体系结构都可以针对特定的应用领域进行定制。基于我们在之前的工作中提出的基于微操作的监控体系结构，我们提出了一种编译器辅助和应用程序控制的监控体系结构管理方法。实验结果表明，与操作系统管理的方案和其他编译器辅助的方案相比，我们的方法可以检测到程序代码完整性的损害，并且性能下降很小。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

2007 25th International Conference on Computer Design

自引率

0.00%

发文量