TY - JOUR
T1 - TrustFlow-X
T2 - A Practical Framework for Fine-grained Control-flow Integrity in Critical Systems
AU - Bresch, Cyril
AU - Hély, David
AU - Lysecky, Roman
AU - Chollet, Stéphanie
AU - Parissis, Ioannis
N1 - Publisher Copyright:
© 2020 ACM.
PY - 2020/11
Y1 - 2020/11
N2 - This article addresses the challenges of memory safety in life-critical medical devices. Since the last decade, healthcare manufacturers have embraced the Internet of Things, pushing technological innovations to increase market share. Medical devices, including the most critical ones, tend to be increasingly connected to the Internet. Unfortunately, as critical devices often rely on unsafe programming languages such as C, they are no exception to memory safety issues. Given a memory vulnerability, a skillful attacker can take over a system and perform remote code execution. Combined with the fact that medical devices directly impact the safety of their users, a security vulnerability can lead to disastrous scenarios. To address this issue, this article presents TrustFlow-X, a novel hardware/software co-designed framework that provides efficient fine-grained control-flow integrity protection against memory-based attacks. The TrustFlow-X framework is composed of an LLVM-based compiler toolchain that generates a secure code. This secure code is then executed on an extended RISC-V processor that keeps track of sensitive data using a trusted memory. The obtained results show that the contribution is practical, providing a high level of trust in life-critical embedded systems.
AB - This article addresses the challenges of memory safety in life-critical medical devices. Since the last decade, healthcare manufacturers have embraced the Internet of Things, pushing technological innovations to increase market share. Medical devices, including the most critical ones, tend to be increasingly connected to the Internet. Unfortunately, as critical devices often rely on unsafe programming languages such as C, they are no exception to memory safety issues. Given a memory vulnerability, a skillful attacker can take over a system and perform remote code execution. Combined with the fact that medical devices directly impact the safety of their users, a security vulnerability can lead to disastrous scenarios. To address this issue, this article presents TrustFlow-X, a novel hardware/software co-designed framework that provides efficient fine-grained control-flow integrity protection against memory-based attacks. The TrustFlow-X framework is composed of an LLVM-based compiler toolchain that generates a secure code. This secure code is then executed on an extended RISC-V processor that keeps track of sensitive data using a trusted memory. The obtained results show that the contribution is practical, providing a high level of trust in life-critical embedded systems.
KW - Memory safety
KW - compiler
KW - control-flow integrity
KW - processor architecture
UR - http://www.scopus.com/inward/record.url?scp=85096870351&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85096870351&partnerID=8YFLogxK
U2 - 10.1145/3398327
DO - 10.1145/3398327
M3 - Article
AN - SCOPUS:85096870351
SN - 1539-9087
VL - 19
JO - ACM Transactions on Embedded Computing Systems
JF - ACM Transactions on Embedded Computing Systems
IS - 5
M1 - 3398327
ER -