TY - JOUR
T1 - Hardware Assisted Buffer Protection Mechanisms for Embedded RISC-V
AU - De, Asmit
AU - Basu, Aditya
AU - Ghosh, Swaroop
AU - Jaeger, Trent
N1 - Funding Information:
Manuscript received September 26, 2019; revised January 30, 2020; accepted March 11, 2020. Date of publication March 31, 2020; date of current version November 20, 2020. This work was supported in part by Semiconductor Research Corporation under Grant GRC 2727.001 and Grant 2487.001, in part by National Science Foundation under Grant CNS 1722557, Grant 1801534, Grant CCF 1718474, Grant DGE 1723687, and Grant 1821766, and in part by DARPA Young Faculty Award under Grant D15AP00089. This article was recommended by Associate Editor Y. Jin. (Corresponding author: Asmit De.) The authors are with the Department of Computer Science and Engineering, Pennsylvania State University, University Park, PA 16802 USA (e-mail: asmit@psu.edu; aditya.basu@psu.edu; szg212@psu.edu; trj1@psu.edu). Digital Object Identifier 10.1109/TCAD.2020.2984407
Publisher Copyright:
© 1982-2012 IEEE.
PY - 2020/12
Y1 - 2020/12
AB - RISC-V is a promising open-source architecture that targets low-power embedded devices and system-on-chips (SoCs). However, there is a dearth of practical and low-overhead security solutions in the RISC-V architecture. Programs compiled using RISC-V toolchains are still vulnerable to code injection and code reuse attacks, such as buffer overflow and return-oriented programming (ROP). In this article, we propose two hardware-implemented security extensions to RISC-V that provide a defense mechanism against such attacks. We first employ a physically unclonable function (PUF)-based randomized canary generation technique that removes the need to store the sensitive canary words in memory or CPU registers, thereby being more secure, while incurring low overheads. We implement the proposed Canary Engine in RISC-V RocketChip with rocket custom coprocessor (RoCC). The simulation results show 2.2% average execution overhead with a single buffer protection, while a 10× increase in buffer count only increases the overhead by 1.5× when protection is extended to all buffers. We further improve upon this with a dedicated security coprocessor, flow integrity extensions for embedded RISC-V (FIXER), implemented on the RoCC. FIXER enforces fine-grained control-flow integrity (CFI) of running programs on backward edges (returns) and forward edges (calls) without requiring any architectural modifications to the processor core. Compared to software-based solutions, FIXER reduces energy overhead by 60% at minimal execution time (1.5%) and area (2.9%) overheads.
UR - http://www.scopus.com/inward/record.url?scp=85083012594&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85083012594&partnerID=8YFLogxK
U2 - 10.1109/TCAD.2020.2984407
DO - 10.1109/TCAD.2020.2984407
M3 - Article
AN - SCOPUS:85083012594
VL - 39
SP - 4453
EP - 4465
JO - IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems
JF - IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems
SN - 0278-0070
IS - 12
M1 - 9051971
ER -