HECTOR-V: A Heterogeneous CPU Architecture for a Secure RISC-V Execution Environment

Publikation: Beitrag in Buch/Bericht/KonferenzbandBeitrag in einem Konferenzband

Abstract

To ensure secure and trustworthy execution of applications in potentially insecure environments, vendors frequently embed trusted execution environments (TEE) into their systems.
Applications executed in this safe, isolated space are protected from adversaries, including a malicious operating system.
TEEs are usually build by integrating protection mechanisms directly into the processor or by using dedicated external secure elements.
However, both of these approaches only cover a narrow threat model resulting in limited security guarantees.
Enclaves nested into the application processor typically provide weak isolation between the secure and non-secure domain, especially when considering side-channel attacks.
Although external secure elements do provide strong isolation, the slow communication interface to the application processor is exposed to adversaries and restricts the use cases.
Independently of the used approach, TEEs often lack the possibility to establish secure communication to peripherals, and most operating systems executed inside TEEs do not provide state-of-the-art defense strategies, making them vulnerable to various attacks.

We argue that TEEs, such as Intel SGX or ARM TrustZone, implemented on the main application processor, are insecure, especially when considering side-channel attacks.
In this paper, we demonstrate how a heterogeneous multicore architecture can be utilized to realize a secure TEE design.
We directly embed a secure processor into our HECTOR-V architecture to provide strong isolation between the secure and non-secure domain.
The tight coupling of the TEE and the application processor enables HECTOR-V to provide mechanisms for establishing secure communication channels between different devices.
We further introduce RISC-V Secure Co-Processor (RVSCP), a security-hardened processor tailored for TEEs.
To secure applications executed inside the TEE, RVSCP provides hardware enforced control-flow integrity and rigorously restricts I/O accesses to certain execution states.
RVSCP reduces the trusted computing base to a minimum by providing operating system services directly in hardware.
Originalspracheenglisch
Titel2021 ACM Asia Conference on Computer and Communications Security
PublikationsstatusAngenommen/In Druck - 1 Mär 2021
Veranstaltung2021 ACM Asia Conference on Computer and Communications Security - Virtuell, China
Dauer: 7 Jun 202111 Jun 2021
https://asiaccs2021.comp.polyu.edu.hk/

Konferenz

Konferenz2021 ACM Asia Conference on Computer and Communications Security
KurztitelACM ASIACCS 2021
LandChina
OrtVirtuell
Zeitraum7/06/2111/06/21
Internetadresse

Fingerprint Untersuchen Sie die Forschungsthemen von „HECTOR-V: A Heterogeneous CPU Architecture for a Secure RISC-V Execution Environment“. Zusammen bilden sie einen einzigartigen Fingerprint.

Dieses zitieren