Symbolic bounds analysis of pointers, array indices, and accessed memory regions
PLDI '00 Proceedings of the ACM SIGPLAN 2000 conference on Programming language design and implementation
CCured: type-safe retrofitting of legacy code
POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
CSSV: towards a realistic tool for statically detecting all buffer overflows in C
PLDI '03 Proceedings of the ACM SIGPLAN 2003 conference on Programming language design and implementation
Cycle-accurate power analysis for multiprocessor systems-on-a-chip
Proceedings of the 14th ACM Great Lakes symposium on VLSI
The future of multiprocessor systems-on-chips
Proceedings of the 41st annual Design Automation Conference
Security in embedded systems: Design challenges
ACM Transactions on Embedded Computing Systems (TECS)
Beyond Stack Smashing: Recent Advances in Exploiting Buffer Overruns
IEEE Security and Privacy
Mobile Phones as Computing Devices: The Viruses are Coming!
IEEE Pervasive Computing
Secure Embedded Processing through Hardware-Assisted Run-Time Monitoring
Proceedings of the conference on Design, Automation and Test in Europe - Volume 1
Hardware support for code integrity in embedded processors
Proceedings of the 2005 international conference on Compilers, architectures and synthesis for embedded systems
SECA: security-enhanced communication architecture
Proceedings of the 2005 international conference on Compilers, architectures and synthesis for embedded systems
A Real-time Media Framework for Asymmetric MPSoC
ISORC '06 Proceedings of the Ninth IEEE International Symposium on Object and Component-Oriented Real-Time Distributed Computing
IMPRES: integrated monitoring for processor reliability and security
Proceedings of the 43rd annual Design Automation Conference
StackGuard: automatic adaptive detection and prevention of buffer-overflow attacks
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
Physical unclonable functions for device authentication and secret key generation
Proceedings of the 44th annual Design Automation Conference
Design methodology for pipelined heterogeneous multiprocessor system
Proceedings of the 44th annual Design Automation Conference
Ensuring secure program execution in multiprocessor embedded systems: a case study
CODES+ISSS '07 Proceedings of the 5th IEEE/ACM international conference on Hardware/software codesign and system synthesis
SHIELD: a software hardware design methodology for security and reliability of MPSoCs
Proceedings of the 45th annual Design Automation Conference
LOCS: a low overhead profiler-driven design flow for security of MPSoCs
CODES+ISSS '08 Proceedings of the 6th IEEE/ACM/IFIP international conference on Hardware/Software codesign and system synthesis
An architectural framework for detecting process hangs/crashes
EDCC'05 Proceedings of the 5th European conference on Dependable Computing
Hi-index | 0.00 |
Multiprocessor System on Chip (MPSoC) architecture is rapidly gaining momentum for modern embedded devices. The vulnerabilities in software on MPSoCs are often exploited to cause software attacks, which are the most common type of attacks on embedded systems. Therefore, we propose an MPSoC architectural framework, CUFFS, for an Application Specific Instruction set Processor (ASIP) design that has a dedicated security processor called iGuard for detecting software attacks. The CUFFS framework instruments the source code in the application processors at the basic block (BB) level with special instructions that allow communication with iGuard at runtime. The framework also analyzes the code in each application processor at compile time to determine the program control flow graph and the number of instructions in each basic block, which are then stored in the hardware tables of iGuard. The iGuard uses its hardware tables to verify the applications' execution at runtime. For the first time, we propose a framework that probes the application processors to obtain their Instruction Count and employs an actively engaging security processor that can detect attacks even when an application processor does not communicate with iGuard. CUFFS relies on the exact number of instructions in the basic block to determine an attack which is superior to other time-frame based measures proposed in the literature. We present a systematic analysis on how CUFFS can thwart common software attacks. Our implementation of CUFFS on the Xtensa LX2 processor from Tensilica Inc. had a worst case runtime penalty of 44% and an area overhead of about 28%.