Header menu link for other important links
X
Shakti-MS: A RISC-V processor for memory safety in C
Arjun Menon, , Kamakoti Veezhinathan
Published in Association for Computing Machinery
2019
Pages: 19 - 32
Abstract
In this era of IoT devices, security is very often traded off for smaller device footprint and low power consumption. Considering the exponentially growing security threats of IoT and cyber-physical systems, it is important that these devices have built-in features that enhance security. In this paper, we present Shakti-MS, a lightweight RISC-V processor with built-in support for both temporal and spatial memory protection. At run time, Shakti-MS can detect and stymie memory misuse in C and C++ programs, with minimum runtime overheads. The solution uses a novel implementation of fat-pointers to efficiently detect misuse of pointers at runtime. Our proposal is to use stack-based cookies for crafting fat-pointers instead of having object-based identifiers. We store the fat-pointer on the stack, which eliminates the use of shadow memory space, or any table to store the pointer metadata. This reduces the storage overheads by a great extent. The cookie also helps to preserve control flow of the program by ensuring that the return address never gets modified by vulnerabilities like buffer overflows. Shakti-MS introduces new instructions in the microprocessor hardware, and also a modified compiler that automatically inserts these new instructions to enable memory protection. This co-design approach is intended to reduce runtime and area overheads, and also provides an end-to-end solution. The hardware has an area overhead of 700 LUTs on a Xilinx Virtex Ultrascale FPGA and 4100 cells on an open 55nm technology node. The clock frequency of the processor is not affected by the security extensions, while there is a marginal increase in the code size by 11% with an average runtime overhead of 13%. © 2019 Association for Computing Machinery.
Concepts (13)
  •  related image
    Buffer storage
  •  related image
    Cost reduction
  •  related image
    Embedded systems
  •  related image
    Internet of things
  •  related image
    Program compilers
  •  related image
    REDUCED INSTRUCTION SET COMPUTING
  •  related image
    Buffer overflows
  •  related image
    DANGLING POINTERS
  •  related image
    MEMORY SAFETY
  •  related image
    SHAKTI
  •  related image
    SPATIAL ATTACKS
  •  related image
    TEMPORAL ATTACKS
  •  related image
    C++ (programming language)