Function flattening for lease-based, information-leak-free systems

ASAP 2010 - 21st IEEE International Conference on Application-specific Systems, Architectures and Processors Pub Date : 2010-07-07 DOI:10.1109/ASAP.2010.5540946

Xun Li, Mohit Tiwari, T. Sherwood, F. Chong

{"title":"Function flattening for lease-based, information-leak-free systems","authors":"Xun Li, Mohit Tiwari, T. Sherwood, F. Chong","doi":"10.1109/ASAP.2010.5540946","DOIUrl":null,"url":null,"abstract":"Recent research has proposed security-critical real-time embedded systems with provably-strong information containment through the use of hardware-enforced execution leases. Execution leases bound the time and address space used by functions to prevent information leakage between functions. Nested functions, however, require a relatively expensive hardware stack of execution leases. We introduce techniques to flatten nested functions and reduce overhead of the hardware stack. We note that while function flattening is impractical for conventional systems, avoiding information leakage results in constraints on program control that also make flattening possible in this setting. Through a combination of code hoisting and function splitting, we find that leases for nested functions can be substantially flattened in several practical examples. We note that some nested loop and function structures can lead to exponential growth in code size due to flattening, but that our techniques give system designers the ability to trade code size with hardware cost.","PeriodicalId":175846,"journal":{"name":"ASAP 2010 - 21st IEEE International Conference on Application-specific Systems, Architectures and Processors","volume":"124 3","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2010-07-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"ASAP 2010 - 21st IEEE International Conference on Application-specific Systems, Architectures and Processors","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ASAP.2010.5540946","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 2

Abstract

Recent research has proposed security-critical real-time embedded systems with provably-strong information containment through the use of hardware-enforced execution leases. Execution leases bound the time and address space used by functions to prevent information leakage between functions. Nested functions, however, require a relatively expensive hardware stack of execution leases. We introduce techniques to flatten nested functions and reduce overhead of the hardware stack. We note that while function flattening is impractical for conventional systems, avoiding information leakage results in constraints on program control that also make flattening possible in this setting. Through a combination of code hoisting and function splitting, we find that leases for nested functions can be substantially flattened in several practical examples. We note that some nested loop and function structures can lead to exponential growth in code size due to flattening, but that our techniques give system designers the ability to trade code size with hardware cost.

查看原文本刊更多论文

功能扁平化为基于租赁，信息泄漏无系统

最近的研究提出了安全关键型实时嵌入式系统，通过使用硬件强制执行租约来实现可证明的强信息遏制。执行租约绑定函数使用的时间和地址空间，以防止函数之间的信息泄漏。然而，嵌套函数需要相对昂贵的执行租约硬件堆栈。我们介绍了平面化嵌套函数和减少硬件堆栈开销的技术。我们注意到，虽然函数扁平化对传统系统来说是不切实际的，但避免信息泄漏会导致程序控制的约束，这也使扁平化在这种情况下成为可能。通过结合代码提升和函数拆分，我们发现在几个实际示例中，嵌套函数的租约可以被大大平面化。我们注意到，一些嵌套的循环和函数结构可能会由于扁平化而导致代码大小呈指数级增长，但是我们的技术使系统设计者能够用硬件成本来权衡代码大小。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

ASAP 2010 - 21st IEEE International Conference on Application-specific Systems, Architectures and Processors

自引率

0.00%

发文量