On-chip control flow integrity check for real time embedded systems

Abstract

Modern industrial plants, vehicles and other cyber-physical systems are increasingly being built as an aggregation of embedded platforms. Together with the soaring number of such systems and the current trends of increased connectivity, new security concerns are emerging. Classic approaches to security are not often suitable for embedded platforms. In this paper we propose a hardware based approach for checking the integrity of code flow of real-time tasks whit precisely predictable overheads that do not affect the critical path. Specifically, we employ a hardware module to perform control flow graph (CFG) validation at run-time of real-time component. For this purpose, we developed a binary-based, CFG generation tool. In addition, we also present our implementation of a CFG integrity checking module. The proposed approach is aimed at improving real-time systems security.