automated combination of tolerance and control flow
play

Automated combination of tolerance and control flow integrity - PowerPoint PPT Presentation

Mar 06, 2024 •489 likes •681 views

Automated combination of tolerance and control flow integrity countermeasures against multiple fault attacks on embedded systems Thierno Barry PhD Candidate in security of Embedded Systems at CEA ( the French Atomic Energy Commission )

  1. Automated combination of tolerance and control flow integrity countermeasures against multiple fault attacks on embedded systems Thierno Barry PhD Candidate in security of Embedded Systems at CEA ( the French Atomic Energy Commission ) thierno.barry@cea.fr Damien Couroussé (CEA) Karine Heydemann (LIP6) Bruno Robisson (CEA) 2017 European LL VM Developers’ Meeting March 28, 2017, Saarbrücken, Germany

  2. CONTEXT • Embedded systems have increasingly become critical part of our daily life • One of the major threats against these systems are physical attacks Side Channel Attacks Fault Injection Attacks Obtain sensitive data Reverse engineering Bypass protections • These attacks essentially aim to: • The security of these systems reveals itself as major concern for both industrials and state organizations | 2 Thierno Barry European LLVM Developers Meeting 2017 Saarbrücken, Germany

  3. Our work consists in generating codes that are protected against these attacks | 3

  4. STATE OF THE ART Motivations • A number of software-based countermeasures against fault attacks already exist • Security properties cannot be guaranteed after code compilation Source [Balakrishan et al. 2008] code • Except if the compiler code optimizers are disabled as suggested in [Eldib et al. 2014] Source to Source approach è leads to a very high overheads +400% in [Lalande et al. 2014] • Compiler Unlike the source to source approach we have control over code optimizers Compilation approach • Unlike assembly approach we have the benefit of code transformation opportunities provided by the compiler è Allows to reduce the security overhead Assembly • approach Lack of semantic information • Several transformations need to be performed Binary è leads to significant overheads [Moro et al. 2014] code | 4 Thierno Barry European LLVM Developers Meeting 2017 Saarbrücken, Germany

  5. STATE OF THE ART Motivations • Each countermeasure is designed to protect against one single attack Protects Attack Countermeasure against • When it comes to protect against several attacks: 3 Attacks è Countermeasures are manually superposed è Interactions between countermeasures are not considered And yet [Regazzoni et al. 2008] and [Luo et al. 2014] have demonstrated that a code protected against fault attacks may become more vulnerable to side channel attacks | 5 Thierno Barry European LLVM Developers Meeting 2017 Saarbrücken, Germany

  6. OUR APPROACH Composition approach We propose Instead of 3 Attacks Countermeasures 3 Attacks Compilation approach Source code Compiler Binary code | 6 Thierno Barry European LLVM Developers Meeting 2017 Saarbrücken, Germany

  7. Fault Injection Attacks | 7

  8. FAULT INJECTION ATTACKS Fault Models • A fault may occurs at different levels FAULT LEVEL FAULT MODEL • Algorithmic • Replace an instruction • Instruction • Register • T ransistor If replaced by NOP If replaced by JUMP or equivalent or equivalent OBSERVED EFFECT OBSERVED EFFECT • • Instruction skip Control flow hijacking COUNTERMEASURE COUNTERMEASURE • • Redundancy Control flow Integrity • Our implemented countermeasure resists against: • Multi-fault that lead to skip N instructions N and W are arguments of our compiler • Fault that leads to skip W bytes • Control flow hijacking | 8 Thierno Barry European LLVM Developers Meeting 2017 Saarbrücken, Germany

  9. Instruction redundancy | 9

  10. TOLERANCE SCHEME is 𝐽 ∀ 𝐽 ∈ 𝐽𝑜𝑡𝑢𝑠 Yes Instructions Idempotent ? Duplicate 𝐽 (Instr) No Transform 𝐽 EXAMPLE LIMITATIONS • How to find free registers at this level is idempotent Duplication add R0, R1, R2 For [Barenghi et al. 2010] add R0, R1, R2 add R0, R1, R2 The number of free registers are Is not idempotent known for their implemented AES add R1, R1, R2 add R1, R1, R2 For [Moro et al. 2014] add R1, R1, R2 Transformation Using the ARM scratch register r12 [Moro et al. 2014] • Overhead mv RX, R1 Duplication At least ×4 for each non-idempotent mv RX, R1 mv RX, R1 instruction add R1, RX, R2 add R1, RX, R2 [Moro et al. 2014] reported ×14 for umlal add R1, RX, R2 | 10 Thierno Barry European LLVM Developers Meeting 2017 Saarbrücken, Germany

  11. COMPILATION APPROACH • The internal structure of our compiler is Transformation Code Emission IR Optimizers Control flow Redundancy Binary Source Instruction Instruction Instruction Instruction Separation Scheduling Allocation Front-end Register Selection Integrity Code Code passes IR IR IR Modified passes Implemented passes | 11 Thierno Barry European LLVM Developers Meeting 2017 Saarbrücken, Germany

  12. COMPILATION APPROACH • Modified passes The internal structure of our compiler is Implemented passes Transformation Code Emission IR Optimizers Control flow Redundancy Binary Source Instruction Instruction Instruction Instruction Separation Scheduling Allocation Front-end Register Selection Integrity Code Code passes IR IR IR This pass is modified in such a way that idempotent instructions are the ones privileged during the selection EXAMPLE For the operation: 𝑏 ∗ 𝑐 + 𝑑 mla is not idempotent But mul and add can be idempotent if the source mul and add are selected instead of mla and destination registers are different | 12 Thierno Barry European LLVM Developers Meeting 2017 Saarbrücken, Germany

  13. COMPILATION APPROACH • Modified passes The internal structure of our compiler is Implemented passes Transformation Code Emission IR Optimizers Control flow Redundancy Binary Source Instruction Instruction Instruction Instruction Separation Scheduling Allocation Front-end Register Selection Integrity Code Code passes IR IR IR This pass is modified to introduce a constraint so that: destinations registers are always different to sources ones EXAMPLE For the operation: 𝑏 = 𝑐 + 𝑑 instead of having: add R0, R0, R1 Duplication add R0, R1, R2 we have something like: add R0, R1, R2 add R0, R1, R2 | 13 Thierno Barry European LLVM Developers Meeting 2017 Saarbrücken, Germany

  14. COMPILATION APPROACH • Modified passes The internal structure of our compiler is Implemented passes Transformation Code Emission IR Optimizers Control flow Redundancy Binary Source Instruction Instruction Instruction Instruction Separation Scheduling Allocation Front-end Register Selection Integrity Code Code passes IR IR IR BL Elimination Pass The role of these passes is to handle instructions that need special treatments bl fun bl fun adr RX, retBB add R0, R1, R2 add LR, RX, #1 b fun bl fun b fun add R0, R1, R2 add R0, R1, R2 retBB : | 14 Thierno Barry European LLVM Developers Meeting 2017 Saarbrücken, Germany

  15. COMPILATION APPROACH • Modified passes The internal structure of our compiler is Implemented passes Transformation Code Emission IR Optimizers Control flow Redundancy Binary Source Instruction Instruction Instruction Instruction Separation Scheduling Allocation Front-end Register Selection Integrity Code Code passes IR IR IR Example: scheduling add R0, R1, R2 Before add R0, R1, R2 ldr R3, [R1, #4] ldr R3, [R1, #4] Advantages: 1. Performance scheduling 2. Security After à to prevent faulting the original and duplicated instruction simultaneously | 15 Thierno Barry European LLVM Developers Meeting 2017 Saarbrücken, Germany

  16. COMPILATION APPROACH • Modified passes The internal structure of our compiler is Implemented passes Transformation Code Emission IR Optimizers Control flow Redundancy Binary Source Instruction Instruction Instruction Instruction Separation Scheduling Allocation Front-end Register Selection Integrity Code Code passes IR IR IR The role of this pass is to leave the required distance between redundant instructions to protect against fault models for which the with > size of an instruction EXAMPLE • [Moro et al. 2014]: protects against fault that are >= 32-bit of width on an ARM Cortex-M3 à 16-bit instructions are disabled è ++ code size • [Rivière et al. 2015]: successfully injected faults that are = 64-bit of width à Moro et al’s solution doesn’t work Our scheme resists against both of these attack models Without disabling 16-bit instructions encoding - By simply providing the right parameters to our compiler - | 16 Thierno Barry European LLVM Developers Meeting 2017 Saarbrücken, Germany

  17. EXPERIMENATL EVALUATION • Comparison with Moro et al .’s result, using the same benchmarks and same architecture • Target architecture : ARM Cortex-M3 Benchmark : AES (MiBench) Size : bytes Performance Evaluation COMPARED TO Moro et al. Opt. Overhead Moro et al 2014 flags Execution time size Execution time Size Best case: we are 22% better in × 1.66 × 2.28 execution speed and 25% in code size O0 × 2.14 × 3.02 Worst case: 6% better in execution × 1.98 × 2.16 O3 speed and 26% better in code size Security Evaluation • We successfully resisted against the following models of fault injections ü Single fault that skips one instruction ü Single fault that skips one W-instruction ü N simultaneous faults where each fault skips one instructions ü N simultaneous faults where each fault skips W-instructions ü Control flow hijacking | 17 Thierno Barry European LLVM Developers Meeting 2017 Saarbrücken, Germany

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Combination of Metso Minerals and Outotec Metso Flow Control to Become a Separately Listed

Combination of Metso Minerals and Outotec Metso Flow Control to Become a Separately Listed

Combination of Metso Minerals and Outotec Metso Flow Control to Become a Separately Listed Company Joint Disclaimer / Safe Harbour Statement Important information This presentation has been prepared by, and the information contained herein

584 views • 23 slides
1 What Is Control-Flow Analysis? Loop Concepts Control-flow analysis discovers the flow of

1 What Is Control-Flow Analysis? Loop Concepts Control-flow analysis discovers the flow of

Control-Flow Analysis and Loop Detection Context Last time Data-flow Speeding up data-flow analysis Flow of data values from defs to uses Could alternatively be represented as a data dependence Today Control-flow analysis

516 views • 5 slides
Flow and Congestion Control CS 218 F2003 Oct 29, 03 Flow control goals Classification

Flow and Congestion Control CS 218 F2003 Oct 29, 03 Flow control goals Classification

Flow and Congestion Control CS 218 F2003 Oct 29, 03 Flow control goals Classification and overview of main techniques TCP Tahoe, Reno, Vegas TCP Westwood Readings: (1) Keshavs book Chapter on Flow Control; (2)

374 views • 22 slides
Control flow Conditionals and Control Flow l A conditional branch

Control flow Conditionals and Control Flow l A conditional branch

10/2/15 Control flow Conditionals and Control Flow l A conditional branch is sufficient to implement most control Condition codes flow constructs offered in higher

356 views • 12 slides
1 Why Why flow flow control? control? sender

1 Why Why flow flow control? control? sender

Lecture 7. Lecture 7. TCP mechanisms for: TCP mechanisms for: data transfer control / flow control error control congestion control Graphical examples (applet java) of several algorithms at:

589 views • 13 slides
CSCI341 Lecture 31, Control RECALL... The datapath is a representation of the flow of

CSCI341 Lecture 31, Control RECALL... The datapath is a representation of the flow of

CSCI341 Lecture 31, Control RECALL... The datapath is a representation of the flow of information (data, instructions) through the CPU Implemented as combination of circuitry and combinatorial & sequential chips In order

456 views • 23 slides
Flow of Control Flow of Control Recitation 09/(11,12)/2008 CS 180 CS 180 Department of

Flow of Control Flow of Control Recitation 09/(11,12)/2008 CS 180 CS 180 Department of

Flow of Control Flow of Control Recitation 09/(11,12)/2008 CS 180 CS 180 Department of Computer Science, Purdue University Project 2 j Now posted on the class webpage. Due Wed, Sept. 17 at 10 pm. Start early All

663 views • 22 slides
V3 1/3/2015 Programming in C 1 Flow of Control Flow of control The order in which

V3 1/3/2015 Programming in C 1 Flow of Control Flow of control The order in which

V3 1/3/2015 Programming in C 1 Flow of Control Flow of control The order in which statements are executed Transfer of control When the next statement executed is not the next one in sequence 2 Flow of Control Control

310 views • 12 slides
Programming in C 1 Flow of Control Flow of control The order in which statements are

Programming in C 1 Flow of Control Flow of control The order in which statements are

Programming in C 1 Flow of Control Flow of control The order in which statements are executed Transfer of control When the next statement executed is not the next one in sequence 2 Flow of Control Control structures

540 views • 34 slides
Operators, Expressions, Statements, Control Flow 7 January 2019 OSU CSE 1 Operators An

Operators, Expressions, Statements, Control Flow 7 January 2019 OSU CSE 1 Operators An

Operators, Expressions, Statements, Control Flow 7 January 2019 OSU CSE 1 Operators An operator is a symbol (or combination of a couple symbols) that is used with variables and values to simplify how you write certain program expressions

551 views • 34 slides
Exceptional Control Flow: Hardware support for reacting to the rest of the world. Control Flow

Exceptional Control Flow: Hardware support for reacting to the rest of the world. Control Flow

Exceptional Control Flow: Hardware support for reacting to the rest of the world. Control Flow Processor: read instruction, execute it, go to next instruction, repeat Physical control flow Explicit changes: Jumps (conditional, unconditional)

428 views • 8 slides
ex 1. compare and test : conditions Aside: save conditions b,a computes a - b , sets flags,

ex 1. compare and test : conditions Aside: save conditions b,a computes a - b , sets flags,

Conditionals and Control Flow Two key pieces 1. Comparisons and tests: check conditions 2. Transfer control: choose next instruction Control flow Processor Control-Flow State Familiar C constructs Condition codes (a.k.a. flags ) if else l

191 views • 8 slides
Control Structures Lecture 4 COP 3014 Fall 2020 September 10, 2020 Control Flow Control flow

Control Structures Lecture 4 COP 3014 Fall 2020 September 10, 2020 Control Flow Control flow

Control Structures Lecture 4 COP 3014 Fall 2020 September 10, 2020 Control Flow Control flow refers to the specification of the order in which the individual statements, instructions or function calls of an imperative program are executed or

333 views • 19 slides
Python language: Control Flow The FOSSEE Group Department of Aerospace Engineering IIT Bombay

Python language: Control Flow The FOSSEE Group Department of Aerospace Engineering IIT Bombay

Python language: Control Flow The FOSSEE Group Department of Aerospace Engineering IIT Bombay Mumbai, India FOSSEE Team (FOSSEE IITB) Control flow 1 / 32 Outline Control flow 1 Basic Conditional flow Control flow 2 Basic Looping

560 views • 37 slides
Optimal Control of Plane Poiseuille Flow Workshop on Flow Control, Poitiers 11-14th Oct 04 J.

Optimal Control of Plane Poiseuille Flow Workshop on Flow Control, Poitiers 11-14th Oct 04 J.

Optimal Control of Plane Poiseuille Flow Workshop on Flow Control, Poitiers 11-14th Oct 04 J. Mckernan , J.F .Whidborne , G.Papadakis Cranfield University, U.K. Kings College, London, U.K. Optimal Control of

572 views • 22 slides
Control Flow Integrity Lujo Bauer 18-732 Spring 2015 Control Hijacking Arms Race Control

Control Flow Integrity Lujo Bauer 18-732 Spring 2015 Control Hijacking Arms Race Control

Control Flow Integrity Lujo Bauer 18-732 Spring 2015 Control Hijacking Arms Race Control Control Flow Flow Integrity Integrity Attacks Attacks 2 http://propercourse.blogspot.com/2010/05/i-believe-in-duct-tape.html CFI: Goal Provably

744 views • 41 slides
Why Is Random Testing Effective for Partition Tolerance Bugs? Rupak Majumdar, Filip Niksic Max

Why Is Random Testing Effective for Partition Tolerance Bugs? Rupak Majumdar, Filip Niksic Max

Why Is Random Testing Effective for Partition Tolerance Bugs? Rupak Majumdar, Filip Niksic Max Planck Institute for Software Systems (MPI-SWS) Despite Many Formal Approaches Despite Many Formal Approaches practitioners test their

1.03k views • 54 slides
Fault Tolerance, Replication, and Consistency 1 Motivation: Hadoop Cluster 2 Motivation:

Fault Tolerance, Replication, and Consistency 1 Motivation: Hadoop Cluster 2 Motivation:

Fault Tolerance, Replication, and Consistency 1 Motivation: Hadoop Cluster 2 Motivation: Hadoop Cluster Mostly retired desktops Intel Core 2: launched in 2008 Support is gathering old servers 3 Motivation: Hadoop Cluster Mostly retired

383 views • 35 slides
AFT: A Serverless Fault- Tolerance Shim Vikram Sreekanti , Chenggang Wu, Saurav Chhatrapati,

AFT: A Serverless Fault- Tolerance Shim Vikram Sreekanti , Chenggang Wu, Saurav Chhatrapati,

AFT: A Serverless Fault- Tolerance Shim Vikram Sreekanti , Chenggang Wu, Saurav Chhatrapati, Joseph E. Gonzalez, Joseph M. Hellerstein, Jose M. Faleiro RISE Lab, UC Berkeley 04/29/2020 Fault-Tolerance in Serverless Computing FaaS programs

93 views • 8 slides
Fault Tolerant Distributed Main Memory Systems CompSci 590.04

Fault Tolerant Distributed Main Memory Systems CompSci 590.04

Fault Tolerant Distributed Main Memory Systems CompSci 590.04 Instructor: Ashwin Machanavajjhala Lecture 16 : 590.04 Fall 15 1 Recap: Map Reduce ma p ! ! ,

641 views • 30 slides
Cross Link Insertion for Improving Tolerance to Variations in Clock Network Synthesis Tarun

Cross Link Insertion for Improving Tolerance to Variations in Clock Network Synthesis Tarun

Cross Link Insertion for Improving Tolerance to Variations in Clock Network Synthesis Tarun Mittal Cheng-Kok Koh School of Electrical and Computer Engineering Purdue University Presentation Flow Introduction Comparison of link

678 views • 43 slides
Adjustable flat layouts for Two- Failure Tolerant Storage Systems Thomas Schwarz, SJ Marquette

Adjustable flat layouts for Two- Failure Tolerant Storage Systems Thomas Schwarz, SJ Marquette

Adjustable flat layouts for Two- Failure Tolerant Storage Systems Thomas Schwarz, SJ Marquette University Motivation Storage device batches fail at di ff erent rates Example: Backblaze: 1163 Seagate Barracuda 7200.14 disks failed

511 views • 18 slides
NOVA-Fortis: A Fault-Tolerant Non- Volatile Main Memory File System Jian Andiry Xu, Lu Zhang ,

NOVA-Fortis: A Fault-Tolerant Non- Volatile Main Memory File System Jian Andiry Xu, Lu Zhang ,

NOVA-Fortis: A Fault-Tolerant Non- Volatile Main Memory File System Jian Andiry Xu, Lu Zhang , Amirsaman Memaripour, Akshatha Gangadharaiah, Amit Borase, Tamires Brito Da Silva, Andy Rudoff (Intel), Steven Swanson Non-Volatile Systems Laboratory

1.01k views • 71 slides
trial Astrid Jullion & Bruno Boulanger Exploratory Statistics Pharmacometrics Lou, living

trial Astrid Jullion & Bruno Boulanger Exploratory Statistics Pharmacometrics Lou, living

Fit-for-purpose limits and Tolerance intervals: connecting the assay performance to the clinical trial Astrid Jullion & Bruno Boulanger Exploratory Statistics Pharmacometrics Lou, living with epilepsy 13 octobre 08 Objective 2 the next

550 views • 25 slides

More recommend