监督非对称多处理系统的TrustZone

2019 20th International Conference on Parallel and Distributed Computing, Applications and Technologies (PDCAT) Pub Date : 2019-12-01 DOI:10.1109/PDCAT46702.2019.00067

Mahdi Amiri-Kordestani, D. Eyers, Zhiyi Huang, M. Biglari-Abhari

{"title":"监督非对称多处理系统的TrustZone","authors":"Mahdi Amiri-Kordestani, D. Eyers, Zhiyi Huang, M. Biglari-Abhari","doi":"10.1109/PDCAT46702.2019.00067","DOIUrl":null,"url":null,"abstract":"Many modern forms of asymmetric multiprocessing (AMP) architecture use hypervisors to increase software security by isolating the system software in virtual machines. However, efficient virtualisation depends on hardware support that is not available across all products. Within modern ARM architectures, the aforementioned software isolation can also be implemented using ARM TrustZone technology. This paper presents a TrustZone-based AMP architecture (TZ-AMP) that can consolidate multiple system software environments securely on devices that lack hardware virtualisation support. We evaluate our prototype on the ARMv7-A architecture, and demonstrate TrustZone-based context-switching performance in the order of microseconds, confirming that TZ-AMP maintains high performance while also achieving hardware-backed software security.","PeriodicalId":166126,"journal":{"name":"2019 20th International Conference on Parallel and Distributed Computing, Applications and Technologies (PDCAT)","volume":"278 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"TrustZone for Supervised Asymmetric Multiprocessing Systems\",\"authors\":\"Mahdi Amiri-Kordestani, D. Eyers, Zhiyi Huang, M. Biglari-Abhari\",\"doi\":\"10.1109/PDCAT46702.2019.00067\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Many modern forms of asymmetric multiprocessing (AMP) architecture use hypervisors to increase software security by isolating the system software in virtual machines. However, efficient virtualisation depends on hardware support that is not available across all products. Within modern ARM architectures, the aforementioned software isolation can also be implemented using ARM TrustZone technology. This paper presents a TrustZone-based AMP architecture (TZ-AMP) that can consolidate multiple system software environments securely on devices that lack hardware virtualisation support. We evaluate our prototype on the ARMv7-A architecture, and demonstrate TrustZone-based context-switching performance in the order of microseconds, confirming that TZ-AMP maintains high performance while also achieving hardware-backed software security.\",\"PeriodicalId\":166126,\"journal\":{\"name\":\"2019 20th International Conference on Parallel and Distributed Computing, Applications and Technologies (PDCAT)\",\"volume\":\"278 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2019-12-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2019 20th International Conference on Parallel and Distributed Computing, Applications and Technologies (PDCAT)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/PDCAT46702.2019.00067\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 20th International Conference on Parallel and Distributed Computing, Applications and Technologies (PDCAT)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/PDCAT46702.2019.00067","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

摘要

许多现代形式的非对称多处理(AMP)体系结构使用管理程序，通过隔离虚拟机中的系统软件来提高软件安全性。然而，高效的虚拟化依赖于硬件支持，这并不是所有产品都能获得的。在现代ARM架构中，也可以使用ARM TrustZone技术实现上述软件隔离。本文提出了一种基于trustzone的AMP架构(TZ-AMP)，它可以在缺乏硬件虚拟化支持的设备上安全地整合多个系统软件环境。我们在ARMv7-A架构上评估了我们的原型，并以微秒的顺序演示了基于trustzone的上下文切换性能，确认了TZ-AMP在保持高性能的同时还实现了硬件支持的软件安全性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

TrustZone for Supervised Asymmetric Multiprocessing Systems

Many modern forms of asymmetric multiprocessing (AMP) architecture use hypervisors to increase software security by isolating the system software in virtual machines. However, efficient virtualisation depends on hardware support that is not available across all products. Within modern ARM architectures, the aforementioned software isolation can also be implemented using ARM TrustZone technology. This paper presents a TrustZone-based AMP architecture (TZ-AMP) that can consolidate multiple system software environments securely on devices that lack hardware virtualisation support. We evaluate our prototype on the ARMv7-A architecture, and demonstrate TrustZone-based context-switching performance in the order of microseconds, confirming that TZ-AMP maintains high performance while also achieving hardware-backed software security.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2019 20th International Conference on Parallel and Distributed Computing, Applications and Technologies (PDCAT)

自引率

0.00%

发文量