TitanCFI: Toward Enforcing Control-Flow Integrity in the Root-of-Trust
CoRR (2024)
Abstract
Modern RISC-V platforms control and monitor security-critical systems such as
industrial controllers and autonomous vehicles. While these platforms feature a
Root-of-Trust (RoT) to store authentication secrets and enable secure boot
technologies, they often lack Control-Flow Integrity (CFI) enforcement and are
vulnerable to cyber-attacks which divert the control flow of an application to
trigger malicious behaviours. Recent techniques to enforce CFI in RISC-V
systems include ISA modifications or custom hardware IPs, all requiring ad-hoc
binary toolchains or design of CFI primitives in hardware. This paper proposes
TitanCFI, a novel approach to enforce CFI in the RoT. TitanCFI modifies the
commit stage of the protected core to stream control-flow instructions to the
RoT, and it integrates the CFI enforcement policy in the RoT firmware. Our
approach enables maximum reuse of the hardware resources present in the
System-on-Chip (SoC), and it avoids the design of custom IPs and the
modification of the compilation toolchain, while exploiting the RoT
tamper-proof storage and cryptographic accelerators to secure CFI metadata. We
implemented the proposed architecture on a modern RISC-V SoC along with a
return address protection policy in the RoT, and benchmarked area and runtime
overhead. Experimental results show that TitanCFI achieves overhead comparable
to state-of-the-art (SoA) hardware CFI solutions for most benchmarks, with lower area overhead,
resulting in 1
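
To make the abstract's idea concrete, the following added example (not code from the paper or from TitanCFI) sketches firmware-side return address protection over a stream of committed control-flow instructions. It assumes the policy is a shadow stack and uses a hypothetical `cf_event_t` record layout; the push/pop classification follows the RISC-V link-register convention (x1/x5), and the two traces are constructed sample data.

```c
#include <stddef.h>
#include <stdint.h>

/* Hypothetical record for one committed control-flow instruction (assumed layout). */
typedef struct {
    uint64_t pc;      /* address of the JAL/JALR */
    uint64_t target;  /* address execution actually continued at */
    uint8_t  rd, rs1; /* register fields from the encoding */
    uint8_t  len;     /* 2 = compressed, 4 = standard */
    uint8_t  is_jalr; /* 1 = JALR (indirect), 0 = JAL */
} cf_event_t;

#define SS_DEPTH 64
typedef struct { uint64_t ret[SS_DEPTH]; size_t top; } shadow_stack_t;
enum { CFI_OK = 0, CFI_VIOLATION = -1, CFI_OVERFLOW = -2 };

/* RISC-V link registers: x1 (ra) and x5 (t0). */
static int is_link(uint8_t r) { return r == 1 || r == 5; }

/* Apply the push/pop rules of the RISC-V return-address-stack hints to one event. */
int cfi_check(shadow_stack_t *ss, const cf_event_t *e)
{
    int push = is_link(e->rd);
    int pop  = e->is_jalr && is_link(e->rs1) && !(push && e->rd == e->rs1);
    if (pop && (ss->top == 0 || ss->ret[--ss->top] != e->target))
        return CFI_VIOLATION;          /* underflow or mismatched return target */
    if (push) {
        if (ss->top == SS_DEPTH) return CFI_OVERFLOW;
        ss->ret[ss->top++] = e->pc + e->len;  /* expected return address */
    }
    return CFI_OK;
}

/* Index of the first offending event, or -1 when the whole trace passes. */
long cfi_run(const cf_event_t *ev, size_t n)
{
    shadow_stack_t ss = { .top = 0 };
    for (size_t i = 0; i < n; i++)
        if (cfi_check(&ss, &ev[i]) != CFI_OK) return (long)i;
    return -1;
}

/* Constructed traces: a call at 0x1000 followed by a return from 0x2010. */
const cf_event_t trace_ok[]  = { {0x1000, 0x2000, 1, 0, 4, 0}, {0x2010, 0x1004, 0, 1, 2, 1} };
const cf_event_t trace_bad[] = { {0x1000, 0x2000, 1, 0, 4, 0}, {0x2010, 0x3000, 0, 1, 2, 1} };

int main(void) { return !(cfi_run(trace_ok, 2) == -1 && cfi_run(trace_bad, 2) == 1); }
```

In `trace_bad` the return lands at an address other than the one recorded at call time, so the check flags event index 1.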