Minimal partitioning kernel with time protection and predictability
2024 (English). In: Proceedings - 9th IEEE European Symposium on Security and Privacy Workshops, Euro S and PW 2024, Institute of Electrical and Electronics Engineers (IEEE), 2024, p. 234-241. Conference paper, Published paper (Refereed)
Abstract [en]
We assess the effectiveness of the temporal fence instruction, introduced by Wistoff et al. (2023), primarily in enhancing both security and timing predictability for embedded systems. Originally demonstrated to eliminate microarchitectural side-channels by flushing the on-core microarchitectural state using the seL4 kernel, we extend the evaluation of the temporal fence to a minimal kernel using RISC-V's PMP to protect applications, examining its implications for both security and safety. Our experiments demonstrate that by using scratchpad memory and the temporal fence, we can improve the security and time predictability of applications on both embedded and application-level processors. Furthermore, we find that the performance overhead introduced by the temporal fence remains within acceptable limits for hard real-time systems, which demonstrates the temporal fence's potential in securing applications against side-channel attacks while enhancing system reliability.
Place, publisher, year, edition, pages
Institute of Electrical and Electronics Engineers (IEEE), 2024. p. 234-241
Keywords [en]
constrained devices, embedded devices, mpu, safety, security, separation kernel, spatial partitioning, tee, temporal partitioning, time protection
National Category
Computer Sciences; Computer Engineering
Identifiers
URN: urn:nbn:se:kth:diva-353501
DOI: 10.1109/EuroSPW61312.2024.00031
ISI: 001302657400025
Scopus ID: 2-s2.0-85203000226
OAI: oai:DiVA.org:kth-353501
DiVA, id: diva2:1899176
Conference
9th IEEE European Symposium on Security and Privacy Workshops, Euro S and PW 2024, July 8-12, 2024, Vienna, Austria
Note
Part of ISBN: 9798350367294
QC 20240926
2024-09-19, 2024-09-19, 2024-10-30. Bibliographically approved