Design and Implementation of RTOS-Aware Control-Flow Integrity Mechanism for Microcontroller-Based Systems
-
- KAWADA Tomoaki
- Graduate School of Infomatics, Nagoya University
-
- HONDA Shinya
- Faculty of Science and Engineering, Nanzan University
-
- MATSUBARA Yutaka
- Graduate School of Infomatics, Nagoya University
-
- TAKADA Hiroaki
- Graduate School of Infomatics, Nagoya University
この論文をさがす
抄録
<p>CFI (Control-Flow Integrity) is a class of defensive techniques against control-flow attacks such as Return-Oriented Programming. We propose a lightweight CFI scheme for RTOS-based applications, TZmCFI, which utilizes TrustZone for Armv8-M, a hardware-assisted security feature for embedded systems with tight resource constraints. TZmCFI embodies several existing CFI techniques to provide a self-contained toolset for building an instrumented application. The toolset is comprised of a modified LLVM-based compiler and a runtime library called Monitor. The modified LLVM code generator implements the traditional shadow stack technique by inserting calls to Monitor. To protect exception handlers, Monitor replaces an application's exception vector table and wrap interrupt handlers with exception trampolines, which implement variations of the shadow exception stack technique we proposed in our previous work. The performance evaluation on NXP Semiconductors LPC55S69 indicated a -7–35% increase in the execution times of FreeRTOS+MPU system calls and a 9.36% runtime overhead on CoreMark.</p>
収録刊行物
-
- コンピュータ ソフトウェア
-
コンピュータ ソフトウェア 39 (2), 2_39-2_68, 2022-04-21
日本ソフトウェア科学会
- Tweet
詳細情報 詳細情報について
-
- CRID
- 1390010997597248128
-
- NII書誌ID
- AN10075819
-
- NDL書誌ID
- 032171804
-
- ISSN
- 02896540
-
- 本文言語コード
- ja
-
- データソース種別
-
- JaLC
- NDL
-
- 抄録ライセンスフラグ
- 使用不可