RISC-V Based Secure Processor Architecture for Return Address Protection

RISC-V-based cores are increasingly becoming pop-ular in embedded system applications because of their open-source architecture. Protecting such systems against memory-based attacks is one of the most difficult challenge. Buffer over-flow (BFO) attacks, specifically on Stack, can alter the program e...

Celý popis

Uloženo v:
Podrobná bibliografie
Vydáno v:VLSI design s. 481 - 486
Hlavní autoři: Sharma, Lalit, Goel, Neeraj
Médium: Konferenční příspěvek
Jazyk:angličtina
Vydáno: IEEE 04.01.2025
Témata:
Benchmark testing
Buffer Overflow
Control Flow Integrity
Delays
Embedded systems
Memory management
Microarchitecture
Out of order
Protection
Return Address Stack
Return-Oriented Programming
RISC-V
Security
Software
Very large scale integration
ISSN:2380-6923
On-line přístup:Získat plný text
Tagy: Přidat tag
Žádné tagy, Buďte první, kdo vytvoří štítek k tomuto záznamu!
Popis
Shrnutí:RISC-V-based cores are increasingly becoming pop-ular in embedded system applications because of their open-source architecture. Protecting such systems against memory-based attacks is one of the most difficult challenge. Buffer over-flow (BFO) attacks, specifically on Stack, can alter the program execution flow and are extensively employed by attackers. RISC-V foundation is working on specifications that will be used to maintain the control flow integrity (CFI) of the overall system. It will add 'zicfiss' and 'zicfiip' extensions for both backward edge and forwarded edge CFI, respectively. We propose a hardware-based approach that uses existing Return Address Stack (RAS) and requires low overhead, minimal microarchitecture changes, and limited software overhead to protect against such attacks. We assessed the performance of our design using buffer-intensive benchmarks. We verified its security by subjecting it to evaluation with the RIPE benchmark and our in-house test cases for BFO check. This approach safeguards the system from BFO attacks and could also enhance its security against Spectre attacks that exploit RAS vulnerabilities. We validated our design with Rocket-Core-based SoC and found less than 0.1% memory overhead and 2% timing overhead from the best case.
ISSN:2380-6923
DOI:10.1109/VLSID64188.2025.00095