Ahmad T. Sheikh, Ali Shoker, Paulo Esteves-Verissimo
{"title":"在持续攻击之后恢复弹性和安全的芯片系统","authors":"Ahmad T. Sheikh, Ali Shoker, Paulo Esteves-Verissimo","doi":"10.1145/3578357.3589456","DOIUrl":null,"url":null,"abstract":"To cope with the ever increasing threats of dynamic and adaptive persistent attacks, Fault and Intrusion Tolerance (FIT) is being studied at the hardware level to increase critical systems resilience. Based on state-machine replication, FIT is known to be effective if replicas are compromised and fail independently. This requires different ways of diversification at the software and hardware levels. In this paper, we introduce the first FIT hardware-based rejuvenation framework, we call Samsara, that allows for creating new FIT replicas with computing cores of diverse architectures. This is made possible by taking advantage of the reconfiguration features of MPSoC with FPGAs. A persistent attack that analyzes and exploits the vulnerability of a core will not be effective as rejuvenation using a different core architecture can be done periodically. Samsara allows for both replacing and adding/removing new cores to adapt to varying levels of threat severity. We introduce this concept and discuss the feasibility using a preliminary design we propose. A more rigorous study and empirical evaluation are left for future work.","PeriodicalId":158487,"journal":{"name":"Proceedings of the 16th European Workshop on System Security","volume":"56 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-05-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Resilient and Secure System on Chip with Rejuvenation in the Wake of Persistent Attacks\",\"authors\":\"Ahmad T. Sheikh, Ali Shoker, Paulo Esteves-Verissimo\",\"doi\":\"10.1145/3578357.3589456\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"To cope with the ever increasing threats of dynamic and adaptive persistent attacks, Fault and Intrusion Tolerance (FIT) is being studied at the hardware level to increase critical systems resilience. Based on state-machine replication, FIT is known to be effective if replicas are compromised and fail independently. This requires different ways of diversification at the software and hardware levels. In this paper, we introduce the first FIT hardware-based rejuvenation framework, we call Samsara, that allows for creating new FIT replicas with computing cores of diverse architectures. This is made possible by taking advantage of the reconfiguration features of MPSoC with FPGAs. A persistent attack that analyzes and exploits the vulnerability of a core will not be effective as rejuvenation using a different core architecture can be done periodically. Samsara allows for both replacing and adding/removing new cores to adapt to varying levels of threat severity. We introduce this concept and discuss the feasibility using a preliminary design we propose. A more rigorous study and empirical evaluation are left for future work.\",\"PeriodicalId\":158487,\"journal\":{\"name\":\"Proceedings of the 16th European Workshop on System Security\",\"volume\":\"56 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2023-05-08\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 16th European Workshop on System Security\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3578357.3589456\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 16th European Workshop on System Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3578357.3589456","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Resilient and Secure System on Chip with Rejuvenation in the Wake of Persistent Attacks
To cope with the ever increasing threats of dynamic and adaptive persistent attacks, Fault and Intrusion Tolerance (FIT) is being studied at the hardware level to increase critical systems resilience. Based on state-machine replication, FIT is known to be effective if replicas are compromised and fail independently. This requires different ways of diversification at the software and hardware levels. In this paper, we introduce the first FIT hardware-based rejuvenation framework, we call Samsara, that allows for creating new FIT replicas with computing cores of diverse architectures. This is made possible by taking advantage of the reconfiguration features of MPSoC with FPGAs. A persistent attack that analyzes and exploits the vulnerability of a core will not be effective as rejuvenation using a different core architecture can be done periodically. Samsara allows for both replacing and adding/removing new cores to adapt to varying levels of threat severity. We introduce this concept and discuss the feasibility using a preliminary design we propose. A more rigorous study and empirical evaluation are left for future work.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
