|
Title:
|
POWERFUL HARDWARE BOUND CHECKING IN EMBEDDED SYSTEMS VIA A SECURE PROCESSOR ARCHITECTURE AND SECURE BOUND STORAGE |
|
Author(s):
|
Michael Georg Grasser , Johannes Priebsch , Georg Hofer , Eugen Brenner |
|
ISBN:
|
978-972-8924-30-0 |
|
Editors:
|
Nuno Guimarães and Pedro Isaías |
|
Year:
|
2007 |
|
Edition:
|
Single |
|
Keywords:
|
Embedded Computer Systems, Secure Processor Architecture, Hardware Bound Checking and Bound Storage |
|
Type:
|
Full Paper |
|
First Page:
|
205 |
|
Last Page:
|
212 |
|
Language:
|
English |
|
Cover:
|
|
|
Full Contents:
|
click to dowload 
|
|
Paper Abstract:
|
Buffer overflows have been causing serious security problems in embedded computer systems over the last few years. This research topic is getting more important, as shown in the National Vulnerability Database from NIST. The percentage of software defects due to buffer overflows currently holds at 19% and is constantly increasing. In addition to effective protection, we also need to provide an approach to efficiently check whether software has been protected. In this paper, we propose a secure processor architecture, which improves security passively. The suggested architecture can directly execute bound checking in the processor. Furthermore registers are extended by two additional processor registers, which represent the highest and lowest value, the particular register is allowed to hold. The advantages of our technique are minor changes in the architecture, secure bound storage in the memory and high compatibility to legacy software. The firmware and a further hardware implementation of bound checking by extension of registers results in a noticeable increase in performance and security. After proposing the architecture, an implementation in a customized simulator demonstrates the behavior. The results show that our approach defends systems against several types of attacks with less performance overhead, when compared to software based solutions. |
|
|
|
|
|
|
