改进片上系统(SoC)的调试架构以检测软件攻击

2015 IEEE International Symposium on Defect and Fault Tolerance in VLSI and Nanotechnology Systems (DFTS) Pub Date : 2015-10-12 DOI:10.1109/DFT.2015.7315131

J. Backer, D. Hély, R. Karri

{"title":"改进片上系统(SoC)的调试架构以检测软件攻击","authors":"J. Backer, D. Hély, R. Karri","doi":"10.1109/DFT.2015.7315131","DOIUrl":null,"url":null,"abstract":"The prevalent use of systems-on-chip (SoCs) makes them prime targets for software attacks. Proposed security countermeasures monitor software execution in real-time, but are impractical, and require impractical changes to the internal logic of intellectual property (IP) cores. We leverage the software observability provided by the readily available SoC debug architecture to detect attacks without modifying IP cores. We add hardware components to configure the debug architecture for security monitoring, to store a golden software execution model, and to notify a trusted kernel process when an attack is detected. Our evaluations show that the additions do not impact runtime software execution, and incur 9% area and power overheads on a low-cost processor core.","PeriodicalId":383972,"journal":{"name":"2015 IEEE International Symposium on Defect and Fault Tolerance in VLSI and Nanotechnology Systems (DFTS)","volume":"113 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-10-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"9","resultStr":"{\"title\":\"On enhancing the debug architecture of a system-on-chip (SoC) to detect software attacks\",\"authors\":\"J. Backer, D. Hély, R. Karri\",\"doi\":\"10.1109/DFT.2015.7315131\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The prevalent use of systems-on-chip (SoCs) makes them prime targets for software attacks. Proposed security countermeasures monitor software execution in real-time, but are impractical, and require impractical changes to the internal logic of intellectual property (IP) cores. We leverage the software observability provided by the readily available SoC debug architecture to detect attacks without modifying IP cores. We add hardware components to configure the debug architecture for security monitoring, to store a golden software execution model, and to notify a trusted kernel process when an attack is detected. Our evaluations show that the additions do not impact runtime software execution, and incur 9% area and power overheads on a low-cost processor core.\",\"PeriodicalId\":383972,\"journal\":{\"name\":\"2015 IEEE International Symposium on Defect and Fault Tolerance in VLSI and Nanotechnology Systems (DFTS)\",\"volume\":\"113 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2015-10-12\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"9\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2015 IEEE International Symposium on Defect and Fault Tolerance in VLSI and Nanotechnology Systems (DFTS)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/DFT.2015.7315131\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2015 IEEE International Symposium on Defect and Fault Tolerance in VLSI and Nanotechnology Systems (DFTS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/DFT.2015.7315131","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 9

摘要

片上系统(soc)的普遍使用使它们成为软件攻击的主要目标。提出的安全对策可以实时监视软件的执行，但是不切实际，并且需要对知识产权(IP)内核的内部逻辑进行不切实际的更改。我们利用现成可用的SoC调试架构提供的软件可观察性来检测攻击，而无需修改IP内核。我们添加硬件组件来配置用于安全监控的调试体系结构，存储黄金软件执行模型，并在检测到攻击时通知受信任的内核进程。我们的评估表明，增加的功能不会影响运行时软件的执行，并且会在低成本处理器核心上增加9%的面积和功耗开销。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

On enhancing the debug architecture of a system-on-chip (SoC) to detect software attacks

The prevalent use of systems-on-chip (SoCs) makes them prime targets for software attacks. Proposed security countermeasures monitor software execution in real-time, but are impractical, and require impractical changes to the internal logic of intellectual property (IP) cores. We leverage the software observability provided by the readily available SoC debug architecture to detect attacks without modifying IP cores. We add hardware components to configure the debug architecture for security monitoring, to store a golden software execution model, and to notify a trusted kernel process when an attack is detected. Our evaluations show that the additions do not impact runtime software execution, and incur 9% area and power overheads on a low-cost processor core.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2015 IEEE International Symposium on Defect and Fault Tolerance in VLSI and Nanotechnology Systems (DFTS)

自引率

0.00%

发文量