Architectural Enhancement and System Software Support for Program Code Integrity Monitoring in Application-Specific Instruction-Set Processors

摘要

Program code in a computer system can be altered either by malicious security attacks or by various faults in microprocessors. At the instruction level, all code modifications are manifested as bit flips. In this paper, we present a generalized methodology for monitoring code integrity at run-time in application-specific instruction-set processors. We embed monitoring microoperations in machine instructions, so the processor is augmented with a hardware monitor automatically. The monitor observes the processor's execution trace at run-time, checks whether it aligns with the expected program behavior, and signals any mismatches. Since the monitor works at a level below the instructions, the monitoring mechanism cannot be bypassed by software or compromised by malicious users. We discuss the ability and limitation of such monitoring mechanism for detecting both soft errors and code injection attacks. We propose two different schemes for managing the monitor, the operating system (OS) managed and application controlled, and design the constituent components within the monitoring architecture. Experimental results show that with an effective hash function implementation, our microarchitectural support can detect program code integrity compromises at a high probability with small area overhead and little performance degradation.