Architectural Support for Secure and Survivable Embedded Software
Sathre, Jesse (2008) Architectural Support for Secure and Survivable Embedded Software. Master's thesis, Iowa State University.
Attacks against vulnerable software have become a serious problem for industry and end-users alike. Many techniques have been proposed to combat these attacks, ranging from compiler modifications to additional architectural features. Most of these techniques focus on attack detection while ignoring the problem of how to gracefully recover from such attacks. In this thesis we propose an architectural approach to attack detection and recovery which we call rollback and huddle. In our approach, a lightweight attack-detection module monitors a program’s execution while its state is continuously checkpointed. In the case of an attack, the program state is rolled back to a point before the attack occurred, and an additional HW/SW module is loaded to gain extra insight into the attack and possibly repair the original vulnerability. Our approach is based on the observation that the vast majority of a program’s execution can be trusted. Therefore, we aim to minimize the performance overhead during “normal” execution. Once an attack has been detected, the system is put into a “high alert” mode where a larger performance overhead is tolerated in order to make use of more complex techniques and avoid system downtime. We introduce simple hardware modules that work alongside a standard computer architecture and aid in attack detection, checkpoint creation, and attack recovery. Our experimental results show that this approach can be achieved with minimal run-time overhead and resource utilization.