Implementation of Code Integrity Check Module for RISC-V Architecture with AES

2022 International Conference on Theoretical and Applied Computer Science and Engineering (ICTASCE) Pub Date : 2022-09-29 DOI:10.1109/ICTACSE50438.2022.10009686

Şafak Tülemez, D. Altilar

{"title":"Implementation of Code Integrity Check Module for RISC-V Architecture with AES","authors":"Şafak Tülemez, D. Altilar","doi":"10.1109/ICTACSE50438.2022.10009686","DOIUrl":null,"url":null,"abstract":"Embedded applications are commonly used in different fields. Different kinds vulnerabilities can occur in embedded systems because of various reasons such as coding bugs or security attacks. Most of security vulnerabilities can occur during coding phase of an embedded application. During the design phase of a program, different types of coding bugs can be inserted to executable. On the other hand, even if the executable program is very well coded, many different kinds of vulnerabilities can also occur at runtime. In this thesis, we aim to provide a security application which controls integrity of running program in computer. Executable binary of a program consists of data and text sections. CPU fetches and executes instructions in the text section of a program. Each instruction block is firstly placed into instruction cache of CPU. Instruction block hashes are generated after compiler phase of a program. Then, during the runtime phase instruction block hashes are recalculated and compared with compiler phase hash. We aim to prevent running of a corrupted or manipulated program during runtime phase.","PeriodicalId":301767,"journal":{"name":"2022 International Conference on Theoretical and Applied Computer Science and Engineering (ICTASCE)","volume":"38 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-09-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 International Conference on Theoretical and Applied Computer Science and Engineering (ICTASCE)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICTACSE50438.2022.10009686","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 1

Abstract

Embedded applications are commonly used in different fields. Different kinds vulnerabilities can occur in embedded systems because of various reasons such as coding bugs or security attacks. Most of security vulnerabilities can occur during coding phase of an embedded application. During the design phase of a program, different types of coding bugs can be inserted to executable. On the other hand, even if the executable program is very well coded, many different kinds of vulnerabilities can also occur at runtime. In this thesis, we aim to provide a security application which controls integrity of running program in computer. Executable binary of a program consists of data and text sections. CPU fetches and executes instructions in the text section of a program. Each instruction block is firstly placed into instruction cache of CPU. Instruction block hashes are generated after compiler phase of a program. Then, during the runtime phase instruction block hashes are recalculated and compared with compiler phase hash. We aim to prevent running of a corrupted or manipulated program during runtime phase.

查看原文本刊更多论文

基于AES的RISC-V架构代码完整性校验模块的实现

嵌入式应用程序通常用于不同的领域。由于编码错误或安全攻击等各种原因，嵌入式系统可能会出现不同类型的漏洞。大多数安全漏洞都可能发生在嵌入式应用程序的编码阶段。在程序的设计阶段，可以将不同类型的编码错误插入到可执行文件中。另一方面，即使可执行程序编码得很好，在运行时也可能出现许多不同类型的漏洞。在本文中，我们的目标是提供一个控制计算机运行程序完整性的安全应用程序。程序的可执行二进制文件由数据段和文本段组成。CPU获取并执行程序文本部分中的指令。每个指令块首先被放入CPU的指令缓存中。指令块哈希值是在程序的编译阶段之后生成的。然后，在运行阶段重新计算指令块哈希，并与编译阶段哈希进行比较。我们的目标是防止在运行时阶段运行损坏或被操纵的程序。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2022 International Conference on Theoretical and Applied Computer Science and Engineering (ICTASCE)

自引率

0.00%

发文量