Securing untrusted memories in embedded systems
Format: | Thesis-Doctor of Philosophy |
---|---|
Language: | English |
Published: | Nanyang Technological University, 2020 |
Online Access: | https://hdl.handle.net/10356/138253 |
Institution: | Nanyang Technological University |
Summary:

Embedded systems have become a pervasive part of our lives and they are now the driving force behind technological advancements in many commercial sectors such as health, automotive, manufacturing, etc. Due to our high dependence on such systems, it is essential that they are secure. However, commercially available embedded processors cannot guarantee secure storage in external memories, thereby exposing the system to memory attacks. Protecting embedded systems from such malicious attacks poses an enormous challenge, as existing memory security schemes incur excessive runtime overheads. This thesis aims to address this challenge by proposing compile-time and runtime strategies for securing untrusted memories from active memory attacks (e.g. replay, spoofing and splicing attacks) that can compromise the confidentiality and integrity of the memory data. Architecture-aware algorithms are proposed to support the adaptation of memory integrity trees to application workloads. Security analysis is undertaken to ensure that the performance gains are achieved without compromising the security strength.

In order to investigate the potential of customizing memory integrity trees to application workloads for reducing the authentication overhead, we first devised an approach to restructure the integrity trees at compile-time by analyzing the static memory access patterns. The nodes of the memory integrity tree are placed on different levels of the tree based on the frequency of memory accesses. We validated the effectiveness of the proposed approach on the Altera NIOS II processor with an external DRAM. Experimental results using applications from widely-used benchmarks show that the proposed approach leads to an average runtime improvement of 18% over conventional memory protection schemes.

Since not all application workloads are known at compile-time, we proposed a technique to dynamically customize the integrity tree based on the runtime memory access patterns. The proposed scheme enables the memory integrity tree to be dynamically restructured to significantly reduce the number of verification steps for the frequently accessed memory blocks, leading to an overall reduction in the memory authentication overhead. Experimental results show an average performance improvement of 30% compared to the conventional balanced integrity tree approach.

Next, we proposed a memory authentication framework that combines architecture-specific optimizations of the integrity tree with mechanisms that enable it to restructure at runtime based on memory access patterns. The integrity tree structure is customized based on the cache configuration in order to minimize the performance and energy overhead through speculative authentication. The framework is simulated with Multi2Sim targeting an Intel x86 processor to explore the impact of various cache configurations on the memory authentication overhead. Experimental results show that an average performance gain of 30% can be obtained over the conventional balanced tree approach. In addition, the proposed framework enables the selection of optimal cache configurations that can lead to energy savings of over 40% without sacrificing performance.

Finally, we proposed three schemes to improve the scalability of our dynamic skewed integrity tree approach. The first scheme utilizes a dedicated Tree-Cache to cache memory integrity tree nodes. The tree is initialized using the van Emde Boas (vEB) organization to take advantage of locality of reference. This led to a performance gain of approximately 15%. In the second scheme, we proposed a dynamic skew-and-split tree, DISSECT, which progressively adjusts the tree height by varying the tree arity to reduce authentication overhead. DISSECT can mitigate the frequent overflowing of the counters used for encryption when the tree arity is increased. Experimental results show an average 20% reduction in authentication time over the balanced tree approach. Finally, we evaluated the benefits of integrating a cryptographic hardware module in the memory controller. This resulted in a 40-50% decrease in authentication time during memory authentication.
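As an added illustration of the frequency-based tree skewing described in the summary (this is not code from the thesis; it assumes a Huffman-style construction and uses SHA-256 as a stand-in for the thesis's own restructuring algorithm and hash/MAC), the example below builds a balanced and a skewed binary integrity tree over the same memory blocks, verifies blocks against the root, and compares the expected number of hash steps per access:

```python
import hashlib
import heapq
from itertools import count
def h(*parts):
    # Node digest: SHA-256 over the concatenated children (stand-in for the thesis's actual hash/MAC).
    return hashlib.sha256(b"".join(parts)).digest()

def merge(left, right):
    # Join two subtrees (freq, digest, {leaf index: auth path}); each leaf's path gains its new sibling.
    fl, hl, pl = left
    fr, hr, pr = right
    paths = {i: p + [(hr, True)] for i, p in pl.items()}
    paths.update({i: p + [(hl, False)] for i, p in pr.items()})
    return (fl + fr, h(hl, hr), paths)

def build_balanced(blocks, freq):
    # Conventional balanced binary tree: every block sits at the same depth.
    level = [(f, h(b), {i: []}) for i, (b, f) in enumerate(zip(blocks, freq))]
    while len(level) & (len(level) - 1):
        level.append((0, h(b""), {}))  # pad to a power of two with dummy leaves
    while len(level) > 1:
        level = [merge(level[i], level[i + 1]) for i in range(0, len(level), 2)]
    return level[0]

def build_skewed(blocks, freq):
    # Huffman-style skew (assumed construction): least-accessed subtrees merge first, so hot blocks stay near the root.
    tb = count()  # tie-breaker so the heap never compares the subtree tuples
    heap = [(f, next(tb), (f, h(b), {i: []})) for i, (b, f) in enumerate(zip(blocks, freq))]
    heapq.heapify(heap)
    while len(heap) > 1:
        _, _, a = heapq.heappop(heap)
        _, _, b = heapq.heappop(heap)
        m = merge(a, b)
        heapq.heappush(heap, (m[0], next(tb), m))
    return heap[0][2]

def verify(block, path, root):
    # Recompute the root from a block and its authentication path: one hash per tree level.
    cur = h(block)
    for sibling, sibling_is_right in path:
        cur = h(cur, sibling) if sibling_is_right else h(sibling, cur)
    return cur == root

def expected_steps(tree, freq):
    # Mean number of hash steps per memory access, weighted by access frequency.
    return sum(len(tree[2][i]) * f for i, f in enumerate(freq)) / sum(freq)

# Constructed sample: 8 memory blocks whose access profile is heavily skewed.
BLOCKS = [bytes([i]) * 16 for i in range(8)]
FREQ = [50, 20, 10, 8, 5, 4, 2, 1]
```

With this profile the balanced tree costs 3 hash steps on every access, while the skewed tree averages 2.2 because the hottest block sits one level below the root.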