CompaSeC A Compiler-Assisted Security Countermeasure to Address Instruction Skip Fault Attacks on RISC-V

Fault-injection attacks are a risk for any computing system executing security-relevant tasks, such as a secure boot process. While hardware-based countermeasures to these invasive attacks have been found to be a suitable option, they have to be implemented via hardware extensions and are thus not a...

Full description

Saved in:
Bibliographic Details
Published inProceedings of the 28th Asia and South Pacific Design Automation Conference pp. 676 - 682
Main Authors Geier, Johannes, Auer, Lukas, Mueller-Gritschneder, Daniel, Sharif, Uzair, Schlichtmann, Ulf
Format Conference Proceeding
LanguageEnglish
Published New York, NY, USA ACM 16.01.2023
SeriesACM Conferences
Subjects
Online AccessGet full text

Cover

Loading…
More Information
Summary:Fault-injection attacks are a risk for any computing system executing security-relevant tasks, such as a secure boot process. While hardware-based countermeasures to these invasive attacks have been found to be a suitable option, they have to be implemented via hardware extensions and are thus not available in most Commonly used Off-The-Shelf (COTS) components. Software Implemented Hardware Fault Tolerance (SIHFT) is therefore the only valid option to enhance a COTS system's resilience against fault attacks. Established SIHFT techniques usually target the detection of random hardware errors for functional safety and not targeted attacks. Using the example of a secure boot system running on a RISC-V processor, in this work we first show that when the software is hardened by these existing techniques from the safety domain, the number of vulnerabilities in the boot process to single, double, triple, and quadruple instruction skips cannot be fully closed. We extend these techniques to the security domain and propose Compiler-assisted Security Countermeasure (CompaSeC). We demonstrate that CompaSeC can close all vulnerabilities for the studied secure boot system. To further reduce performance and memory overheads we additionally propose a method for CompaSeC to selectively harden individual vulnerable functions without compromising the security against the considered instruction skip faults.
ISBN:9781450397834
1450397832
DOI:10.1145/3566097.3567925