TY - GEN
T1 - InsectACIDE
T2 - 30th IEEE Real-Time and Embedded Technology and Applications Symposium, RTAS 2024
AU - Wang, Yujie
AU - Mack, Cailani Lemieux
AU - Tan, Xi
AU - Zhang, Ning
AU - Zhao, Ziming
AU - Baruah, Sanjoy
AU - Ward, Bryan C.
N1 - Publisher Copyright:
© 2024 IEEE.
PY - 2024
Y1 - 2024
N2 - Real-time and embedded systems are predominantly written in C, a language that is notoriously not memory safe. This has led to widespread memory-corruption vulnerabilities in real-time embedded cyber-physical systems (CPS). This is concerning, as such devices are becoming increasingly networked with the Internet of Things (IoT) and other communication technologies (e.g., 5G), rendering them vulnerable to remote attacks. Attackers have demonstrated how memory-corruption vulnerabilities can be used to hijack program control flow to implement arbitrary attacker-controlled logic. One class of defenses that has been developed to prevent such attacks is called control-flow integrity (CFI), which applies checks at control-flow transitions to ensure the target is valid. Unfortunately, attackers have shown how to divert control flow to seemingly valid targets in an invalid and malicious sequence. This paper presents InsectACIDE, the first holistic CFI for embedded and real-time systems that does not require binary instrumentation and that is context sensitive, i.e., it checks that the sequence of control-flow transitions taken is valid, not just individual transitions, thereby detecting such attacks. InsectACIDE is implemented on an embedded Cortex-M processor using the TrustZone trusted execution environment, and holistic context-sensitive CFI is enforced for both applications and the kernel. InsectACIDE uses hardware debugging features on the Cortex-M processor and therefore does not require any kernel or application binary modification. Experimental results show that InsectACIDE incurs significantly less runtime overhead compared to the state-of-the-art holistic CFI solution. Real-time schedulability analysis is presented, along with a schedulability evaluation, to demonstrate the tradeoff between stronger protection and real-time schedulability.
AB - Real-time and embedded systems are predominantly written in C, a language that is notoriously not memory safe. This has led to widespread memory-corruption vulnerabilities in real-time embedded cyber-physical systems (CPS). This is concerning, as such devices are becoming increasingly networked with the Internet of Things (IoT) and other communication technologies (e.g., 5G), rendering them vulnerable to remote attacks. Attackers have demonstrated how memory-corruption vulnerabilities can be used to hijack program control flow to implement arbitrary attacker-controlled logic. One class of defenses that has been developed to prevent such attacks is called control-flow integrity (CFI), which applies checks at control-flow transitions to ensure the target is valid. Unfortunately, attackers have shown how to divert control flow to seemingly valid targets in an invalid and malicious sequence. This paper presents InsectACIDE, the first holistic CFI for embedded and real-time systems that does not require binary instrumentation and that is context sensitive, i.e., it checks that the sequence of control-flow transitions taken is valid, not just individual transitions, thereby detecting such attacks. InsectACIDE is implemented on an embedded Cortex-M processor using the TrustZone trusted execution environment, and holistic context-sensitive CFI is enforced for both applications and the kernel. InsectACIDE uses hardware debugging features on the Cortex-M processor and therefore does not require any kernel or application binary modification. Experimental results show that InsectACIDE incurs significantly less runtime overhead compared to the state-of-the-art holistic CFI solution. Real-time schedulability analysis is presented, along with a schedulability evaluation, to demonstrate the tradeoff between stronger protection and real-time schedulability.
UR - http://www.scopus.com/inward/record.url?scp=85196579062&partnerID=8YFLogxK
U2 - 10.1109/RTAS61025.2024.00036
DO - 10.1109/RTAS61025.2024.00036
M3 - Conference contribution
AN - SCOPUS:85196579062
T3 - Proceedings of the IEEE Real-Time and Embedded Technology and Applications Symposium, RTAS
SP - 360
EP - 372
BT - Proceedings - 2024 IEEE 30th Real-Time and Embedded Technology and Applications Symposium, RTAS 2024
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 13 May 2024 through 16 May 2024
ER -