4,411 research outputs found

    HardScope: Thwarting DOP with Hardware-assisted Run-time Scope Enforcement

    Widespread use of memory unsafe programming languages (e.g., C and C++) leaves many systems vulnerable to memory corruption attacks. A variety of defenses have been proposed to mitigate attacks that exploit memory errors to hijack the control flow of the code at run-time, e.g., (fine-grained) randomization or Control Flow Integrity. However, recent work on data-oriented programming (DOP) demonstrated highly expressive (Turing-complete) attacks, even in the presence of these state-of-the-art defenses. Although multiple real-world DOP attacks have been demonstrated, no efficient defenses are yet available. We propose run-time scope enforcement (RSE), a novel approach designed to efficiently mitigate all currently known DOP attacks by enforcing compile-time memory safety constraints (e.g., variable visibility rules) at run-time. We present HardScope, a proof-of-concept implementation of hardware-assisted RSE for the new RISC-V open instruction set architecture. We discuss our systematic empirical evaluation of HardScope which demonstrates that it can mitigate all currently known DOP attacks, and has a real-world performance overhead of 3.2% in embedded benchmarks.

    VXA: A Virtual Architecture for Durable Compressed Archives

    Data compression algorithms change frequently, and obsolete decoders do not always run on new hardware and operating systems, threatening the long-term usability of content archived using those algorithms. Re-encoding content into new formats is cumbersome, and highly undesirable when lossy compression is involved. Processor architectures, in contrast, have remained comparatively stable over recent decades. VXA, an archival storage system designed around this observation, archives executable decoders along with the encoded content it stores. VXA decoders run in a specialized virtual machine that implements an OS-independent execution environment based on the standard x86 architecture. The VXA virtual machine strictly limits access to host system services, making decoders safe to run even if an archive contains malicious code. VXA's adoption of a "native" processor architecture instead of type-safe language technology allows reuse of existing "hand-optimized" decoders in C and assembly language, and permits decoders access to performance-enhancing architecture features such as vector processing instructions. The performance cost of VXA's virtualization is typically less than 15% compared with the same decoders running natively. The storage cost of archived decoders, typically 30-130KB each, can be amortized across many archived files sharing the same compression method. Comment: 14 pages, 7 figures, 2 tables.

    Definition of avionics concepts for a heavy lift cargo vehicle, appendix A

    The major objective of the study task was to define a cost effective, multiuser simulation, test, and demonstration facility to support the development of avionics systems for future space vehicles. This volume provides the results of the main simulation processor selection study and describes some proof-of-concept demonstrations for the avionics test bed facility.

    Functional requirements document for the Earth Observing System Data and Information System (EOSDIS) Scientific Computing Facilities (SCF) of the NASA/MSFC Earth Science and Applications Division, 1992

    Five scientists at MSFC/ESAD have EOS SCF investigator status. Each SCF has unique tasks which require the establishment of a computing facility dedicated to accomplishing those tasks. A SCF Working Group was established at ESAD with the charter of defining the computing requirements of the individual SCFs and recommending options for meeting these requirements. The primary goal of the working group was to determine which computing needs can be satisfied using either shared resources or separate but compatible resources, and which needs require unique individual resources. The requirements investigated included CPU-intensive vector and scalar processing, visualization, data storage, connectivity, and I/O peripherals. A review of computer industry directions and a market survey of computing hardware provided information regarding important industry standards and candidate computing platforms. It was determined that the total SCF computing requirements might be most effectively met using a hierarchy consisting of shared and individual resources. This hierarchy is composed of five major system types: (1) a supercomputer class vector processor; (2) a high-end scalar multiprocessor workstation; (3) a file server; (4) a few medium- to high-end visualization workstations; and (5) several low- to medium-range personal graphics workstations. Specific recommendations for meeting the needs of each of these types are presented.

    Optimized Fast Fourier Transform Architecture Using Instruction Set Architecture Extension In Low-End Digital Signal Controller

    Smart microgrids have emerged as a viable solution in case of emergency situations occurring at the main electricity grid. The main concern of a smart microgrid is the degradation of the power quality caused by harmonic distortion originating from non-linear equipment. With the rapid development of power electronic technology, the increase of harmonic-producing loads in smart microgrids necessitates a new digital signal controller architecture for the harmonic measurement system. While the current system configurations are directed towards the 32-bit architecture, it shows higher requirements in area footprint and multi-core setup. This thesis presents the design of a low-end digital signal controller architecture using instruction set architecture (ISA) extension for the implementation of the harmonic measurement system in a smart microgrid. A new architecture, called UTeMRISC, is developed from the baseline 8-bit microcontroller with the capability to perform signal processing applications such as Fast Fourier Transform (FFT). The architecture is improved using the Application-Specific Instruction Set Processor (ASIP) approach by extending the instruction set architecture to 16-bit length. Instruction set customization is implemented to enable the execution of computationally intensive tasks. The entire architecture is described in Verilog Hardware Description Language (HDL) and implemented on the Virtex-6 FPGA board. From the test programs, UTeMRISC has demonstrated faster execution times and higher maximum operating frequency while not significantly increasing the core's resource utilization. Compared to the initial processor architecture, the support of extended ISA has increased the UTeMRISC core by 21.8% but at the same time allows the Fast Fourier Transform algorithm to execute up to 5× faster. The combined effort of ISA extension and optimized instruction set generation results in up to 1 Mega sample per second, which translates to a 66.8% increase of data throughput in the FFT algorithm when compared to a 32-bit architecture. This research proves that with comprehensive ASIP methodology and ISA extension, a low-end digital signal controller architecture is feasible and effective to be implemented in a harmonic measurement system for a smart microgrid.

    Design of multimedia processor based on metric computation

    Media-processing applications, such as signal processing, 2D and 3D graphics rendering, and image compression, are the dominant workloads in many embedded systems today. The real-time constraints of those media applications have taxing demands on today's processor performances with low cost, low power and reduced design delay. To satisfy those challenges, a fast and efficient strategy consists in upgrading a low cost general purpose processor core. This approach is based on the personalization of a general RISC processor core according to the target multimedia application requirements. Thus, if the extra cost is justified, the general purpose processor GPP core can be enforced with instruction level coprocessors, coarse grain dedicated hardware, ad hoc memories or new GPP cores. In this way the final design solution is tailored to the application requirements. The proposed approach is based on three main steps: the first one is the analysis of the targeted application using efficient metrics. The second step is the selection of the appropriate architecture template according to the first step results and recommendations. The third step is the architecture generation. This approach is experimented using various image and video algorithms showing its feasibility.