Design and evaluation of information flow signature for secure computation of applications

This thesis presents an architectural solution that provides secure and reliable execution of an application that computes critical data, in spite of potential hardware and software vulnerabilities. The technique does not require source code of or specifications about the malicious library function(s) called during execution of an application. The solution is based on the concept of Information Flow Signatures (IFS). The technique uses both a model-checker-based symbolic fault injection analysis tool called SymPLFIED to generate an IFS for an application or operating system, and runtime signature checking at the level of hardware to protect the integrity of critical data. The runtime checking is implemented in the IFS module. Reliable computation of data is ensured by the critical value re-computation (CVR) module. Prototype implementation of the signature checking and reliability module on a soft processor within an FPGA incurs no performance overhead and about 12% chip area overhead. The security module itself incurs about 7.5% chip area overhead. Performance evaluations indicate that the IFS module incurs as little as 3-4% overhead compared to 88-100% overhead when the runtime checking is implemented as a part of software. Preliminary testing indicates that the technique can provide 100% coverage for insider attacks that manifest as memory corruption and change the architectural state of the processor. Hence the IFS and CVR implementation offers a flexible, low-overhead, high-coverage method for ensuring reliable and secure computing

Flexible Software Protection Using Hardware/Software Codesign Techniques

A strong level of trust in the software running on an embedded processor is a prerequisite for its widespread deployment in any high-risk system. The expanding field of software protection attempts to address the key steps used by hackers in attacking a software system. In this paper we present an efficient and tunable approach to some problems in embedded software protection that utilizes a hardware/software codesign methodology. By coupling our protective compiler techniques with reconfigurable hardware support, we allow for a greater flexibility of placement on the security-performance spectrum than previously proposed mainly-hardware or software approaches. Results show that for most of our benchmarks, the average performance penalty of our approach is less than 20%, and that this number can be greatly improved upon with the proper utilization of compiler and architectural optimizations. 1