Title | FIXER: Flow Integrity Extensions for Embedded RISC-V |
Publication Type | Conference Paper |
Year of Publication | 2019 |
Authors | De, Asmit, Basu, Aditya, Ghosh, Swaroop, Jaeger, Trent |
Conference Name | 2019 Design, Automation Test in Europe Conference Exhibition (DATE) |
Keywords | Bars, buffer overflow, Buffer overflows, Code injection, code reuse attacks, composability, Computer architecture, coprocessors, data integrity, Embedded systems, fine-grained control-flow integrity, FIXER, flow integrity extensions for embedded RISC-V, Hardware, human factors, integrated Rocket Custom Coprocessor, Internet of Things, low-power embedded devices, open source architecture, program compilers, pubcrawl, reduced instruction set computing, Resiliency, return oriented programming, RISC-V, RISC-V architecture, RISC-V processor core, RISC-V SoC platform, RISC-V toolchains, Rockets, ROP, Scalability, security, security extension, security framework, security of data, shadow stack, software architecture, software reusability, system-on-chip |
Abstract | With the recent proliferation of Internet of Things (IoT) and embedded devices, there is a growing need to develop a security framework to protect such devices. RISC-V is a promising open source architecture that targets low-power embedded devices and SoCs. However, there is a dearth of practical and low-overhead security solutions in the RISC-V architecture. Programs compiled using RISC-V toolchains are still vulnerable to code injection and code reuse attacks such as buffer overflow and return-oriented programming (ROP). In this paper, we propose FIXER, a hardware implemented security extension to RISC-V that provides a defense mechanism against such attacks. FIXER enforces fine-grained control-flow integrity (CFI) of running programs on backward edges (returns) and forward edges (calls) without requiring any architectural modifications to the RISC-V processor core. We implement FIXER on RocketChip, a RISC-V SoC platform, by leveraging the integrated Rocket Custom Coprocessor (RoCC) to detect and prevent attacks. Compared to existing software based solutions, FIXER reduces energy overhead by 60% at minimal execution time (1.5%) and area (2.9%) overheads. |
DOI | 10.23919/DATE.2019.8714980 |
Citation Key | de_fixer_2019 |