Title | Compiler-Assisted Hardening of Embedded Software Against Interrupt Latency Side-Channel Attacks |
Publication Type | Conference Paper |
Year of Publication | 2021 |
Authors | Winderix, Hans, Mühlberg, Jan Tobias, Piessens, Frank |
Conference Name | 2021 IEEE European Symposium on Security and Privacy (EuroS&P) |
Keywords | codes, compiler hardening, compiler security, composability, controlled-channel attacks, Embedded systems, Metrics, microcontrollers, Processor scheduling, Program processors, Prototypes, pubcrawl, Resiliency, side-channel attacks |
Abstract | Recent controlled-channel attacks exploit timing differences in the rudimentary fetch-decode-execute logic of processors. These new attacks also pose a threat to software on embedded systems. Even when Trusted Execution Environments (TEEs) are used, interrupt latency attacks allow untrusted code to extract application secrets from a vulnerable enclave by scheduling interruption of the enclave. Constant-time programming is effective against these attacks but, as we explain in this paper, can come with some disadvantages regarding performance. To deal with this new threat, we propose a novel algorithm that hardens programs during compilation by aligning the execution time of corresponding instructions in secret-dependent branches. Our results show that, on a class of embedded systems with deterministic execution times, this approach eliminates interrupt latency side-channel leaks and mitigates limitations of constant-time programming. We have implemented our approach in the LLVM compiler infrastructure for the Sancus TEE, which extends the openMSP430 microcontroller, and we discuss applicability to other architectures. We make our implementation and benchmarks available for further research. |
DOI | 10.1109/EuroSP51992.2021.00050 |
Citation Key | winderix_compiler-assisted_2021 |