改进片上系统(SoC)的调试架构以检测软件攻击

J. Backer, D. Hély, R. Karri
{"title":"改进片上系统(SoC)的调试架构以检测软件攻击","authors":"J. Backer, D. Hély, R. Karri","doi":"10.1109/DFT.2015.7315131","DOIUrl":null,"url":null,"abstract":"The prevalent use of systems-on-chip (SoCs) makes them prime targets for software attacks. Proposed security countermeasures monitor software execution in real-time, but are impractical, and require impractical changes to the internal logic of intellectual property (IP) cores. We leverage the software observability provided by the readily available SoC debug architecture to detect attacks without modifying IP cores. We add hardware components to configure the debug architecture for security monitoring, to store a golden software execution model, and to notify a trusted kernel process when an attack is detected. Our evaluations show that the additions do not impact runtime software execution, and incur 9% area and power overheads on a low-cost processor core.","PeriodicalId":383972,"journal":{"name":"2015 IEEE International Symposium on Defect and Fault Tolerance in VLSI and Nanotechnology Systems (DFTS)","volume":"113 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-10-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"9","resultStr":"{\"title\":\"On enhancing the debug architecture of a system-on-chip (SoC) to detect software attacks\",\"authors\":\"J. Backer, D. Hély, R. Karri\",\"doi\":\"10.1109/DFT.2015.7315131\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The prevalent use of systems-on-chip (SoCs) makes them prime targets for software attacks. Proposed security countermeasures monitor software execution in real-time, but are impractical, and require impractical changes to the internal logic of intellectual property (IP) cores. We leverage the software observability provided by the readily available SoC debug architecture to detect attacks without modifying IP cores. We add hardware components to configure the debug architecture for security monitoring, to store a golden software execution model, and to notify a trusted kernel process when an attack is detected. Our evaluations show that the additions do not impact runtime software execution, and incur 9% area and power overheads on a low-cost processor core.\",\"PeriodicalId\":383972,\"journal\":{\"name\":\"2015 IEEE International Symposium on Defect and Fault Tolerance in VLSI and Nanotechnology Systems (DFTS)\",\"volume\":\"113 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2015-10-12\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"9\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2015 IEEE International Symposium on Defect and Fault Tolerance in VLSI and Nanotechnology Systems (DFTS)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/DFT.2015.7315131\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2015 IEEE International Symposium on Defect and Fault Tolerance in VLSI and Nanotechnology Systems (DFTS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/DFT.2015.7315131","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 9

摘要

片上系统(soc)的普遍使用使它们成为软件攻击的主要目标。提出的安全对策可以实时监视软件的执行,但是不切实际,并且需要对知识产权(IP)内核的内部逻辑进行不切实际的更改。我们利用现成可用的SoC调试架构提供的软件可观察性来检测攻击,而无需修改IP内核。我们添加硬件组件来配置用于安全监控的调试体系结构,存储黄金软件执行模型,并在检测到攻击时通知受信任的内核进程。我们的评估表明,增加的功能不会影响运行时软件的执行,并且会在低成本处理器核心上增加9%的面积和功耗开销。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
On enhancing the debug architecture of a system-on-chip (SoC) to detect software attacks
The prevalent use of systems-on-chip (SoCs) makes them prime targets for software attacks. Proposed security countermeasures monitor software execution in real-time, but are impractical, and require impractical changes to the internal logic of intellectual property (IP) cores. We leverage the software observability provided by the readily available SoC debug architecture to detect attacks without modifying IP cores. We add hardware components to configure the debug architecture for security monitoring, to store a golden software execution model, and to notify a trusted kernel process when an attack is detected. Our evaluations show that the additions do not impact runtime software execution, and incur 9% area and power overheads on a low-cost processor core.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
自引率
0.00%
发文量
0
期刊最新文献
Software-based on-chip thermal sensor calibration for DVFS-enabled many-core systems REPAIR: Hard-error recovery via re-execution Compacting output responses containing unknowns using an embedded processor Fault detection and repair of DSC arrays through memristor sensing Security analysis of logic encryption against the most effective side-channel attack: DPA
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1