2 research outputs found
Secure Instruction and Data-Level Information Flow Tracking Model for RISC-V
Rising device use and third-party IP integration in semiconductors raise
security concerns. Unauthorized access, fault injection, and privacy invasion
are potential threats from untrusted actors. Different security techniques have
been proposed to provide resilience to secure devices from potential
vulnerabilities; however, no one technique can be applied as an overarching
solution. We propose an integrated Information Flow Tracking (IFT) technique to
enable runtime security to protect system integrity by tracking the flow of
data from untrusted communication channels. Existing hardware-based IFT schemes
are either fine-, which are resource-intensive, or coarse-grained models, which
have minimal precision logic, providing either control flow or data-flow
integrity. No current security model provides multi-granularity due to the
difficulty in balancing both the flexibility and hardware overheads at the same
time. This study proposes a multi-level granularity IFT model that integrates a
hardware-based IFT technique with a gate-level-based IFT (GLIFT) technique,
along with flexibility, for better precision and assessments. Translation from
the instruction level to the data level is based on module instantiation with
security-critical data for accurate information flow behaviors without any
false conservative flows. A simulation-based IFT model is demonstrated, which
translates the architecture-specific extensions into a compiler-specific
simulation model with toolchain extensions for Reduced Instruction Set
Architecture (RISC-V) to verify the security extensions. This approach provides
better precision logic by enhancing the tagged mechanism with 1-bit tags and
implementing an optimized shadow logic that eliminates the area overhead by
tracking the data for only security-critical modules