Hardware/Software Runtime for GPSA Protection in RISC-V Embedded Cores
Saved in:
| Title: | Hardware/Software Runtime for GPSA Protection in RISC-V Embedded Cores |
|---|---|
| Authors: | Savary, Louis, Rokicki, Simon, Derrien, Steven |
| Contributors: | savary, louis |
| Source: | 2025 Design, Automation & Test in Europe Conference (DATE). :1-7 |
| Publisher Information: | IEEE, 2025. |
| Publication Year: | 2025 |
| Subject Terms: | Hardware Security, Control Flow Integrity, [INFO] Computer Science [cs] |
| Description: | State-of-the-art hardware countermeasures against fault attacks are based, among others, on control-flow and code integrity checking. Generalized Path Signature Analysis and Continuous Signature Monitoring can assert these integrity properties. However, supporting such mechanisms requires a dedicated compiler flow and does not support indirect jumps. This work proposes a technique based on a hardware/software runtime to generate those signatures while executing unmodified off-the-shelf RISC-V binaries. To the best of our knowledge, this is the first solution for providing this level of protection against fault injection on unmodified binaries. The proposed approach has been implemented on a pipelined processor, and experimental results show an average slowdown of ×3.35 and an area overhead of at least ×1.86 compared to unprotected implementations. |
| Document Type: | Article Conference object |
| File Description: | application/pdf |
| DOI: | 10.23919/date64628.2025.10993188 |
| Access URL: | https://hal.science/hal-04788484v3 |
| Rights: | STM Policy #29 CC BY |
| Accession Number: | edsair.doi.dedup.....dda5504015b64f6c05a3b64492421098 |
| Database: | OpenAIRE |
Nájsť tento článok vo Web of Science | Abstract: | State-of-the-art hardware countermeasures against fault attacks are based, among others, on control-flow and code integrity checking. Generalized Path Signature Analysis and Continuous Signature Monitoring can assert these integrity properties. However, supporting such mechanisms requires a dedicated compiler flow and does not support indirect jumps. This work proposes a technique based on a hardware/software runtime to generate those signatures while executing unmodified off-the-shelf RISC-V binaries. To the best of our knowledge, this is the first solution for providing this level of protection against fault injection on unmodified binaries. The proposed approach has been implemented on a pipelined processor, and experimental results show an average slowdown of ×3.35 and an area overhead of at least ×1.86 compared to unprotected implementations. |
|---|---|
| DOI: | 10.23919/date64628.2025.10993188 |