A novel lightweight hardware-assisted static instrumentation approach for ARM SoC using debug components

@article{Wahab2018ANL,
  title={A novel lightweight hardware-assisted static instrumentation approach for ARM SoC using debug components},
  author={Muhammad Abdul Wahab and Pascal Cotret and Mounir Nasr Allah and Guillaume Hiet and Arnab Kumar Biswas and Vianney Lap{\^o}tre and Guy Gogniat},
  journal={2018 Asian Hardware Oriented Security and Trust Symposium (AsianHOST)},
  year={2018},
  pages={92-97}
}
Most hardware-assisted solutions for software security, program monitoring, and event checking require instrumentation of the target software, an operation which can be performed using an SBI (Static Binary Instrumentation) or a DBI (Dynamic Binary Instrumentation) framework. Hardware-assisted instrumentation can use either of these two solutions to forward instrumentation data to a memory-mapped register. Both approaches require in-depth knowledge of the frameworks and a significant amount… 
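The abstract describes the baseline the paper sets out to replace: an SBI or DBI framework inserting stubs that push instrumentation data into a memory-mapped register consumed by hardware. The C program below is an added example, not code from the paper or its authors, showing what such a stub and its monitor-side consumer look like in the simplest form. The register block is simulated in memory so the program runs unprivileged on a PC; the event encoding (tag word, value word), the FIFO depth, the drop-on-full behaviour and all function names are assumptions made for this example.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Event kinds an instrumentation stub can report to the hardware monitor.
 * The encoding (tag word followed by value word) is an assumption made for
 * this example, not the format used by any real monitor IP. */
enum { EV_FUNC_ENTER = 1, EV_FUNC_EXIT = 2, EV_STORE = 3 };

typedef struct {
    uint32_t tag;
    uint32_t value;
} instr_event_t;

/* Simulated memory-mapped register block. On a real SoC this would be a
 * fixed physical address (the monitor's data register backed by a FIFO);
 * here it is static storage so the example runs on a PC. */
#define MMIO_FIFO_DEPTH 64
static volatile uint32_t g_mmio_fifo[MMIO_FIFO_DEPTH];
static volatile uint32_t g_mmio_count;   /* words accepted by the "hardware" */
static volatile uint32_t g_mmio_dropped; /* words refused because the FIFO was full */

/* One 32-bit store to the monitor's data register. The full-FIFO path is
 * the failure mode a real stub has to plan for: either the store stalls
 * the CPU or the event is lost, and the monitor must be able to tell. */
static void mmio_write(uint32_t word) {
    if (g_mmio_count >= MMIO_FIFO_DEPTH) {
        g_mmio_dropped++;
        return;
    }
    g_mmio_fifo[g_mmio_count++] = word;
}

/* Instrumentation stub: the code sequence an SBI or DBI tool (or a compiler
 * pass) injects at every point of interest. Two stores per event. */
void instr_emit(uint32_t tag, uint32_t value) {
    mmio_write(tag);
    mmio_write(value);
}

/* Reset the simulated hardware between runs. */
void instr_reset(void) {
    g_mmio_count = 0;
    g_mmio_dropped = 0;
}

uint32_t instr_dropped_words(void) { return g_mmio_dropped; }

/* A target function after instrumentation: the two instr_emit() calls are
 * what the instrumenter adds around the original body. */
uint32_t target_sum(const uint32_t *buf, size_t n) {
    instr_emit(EV_FUNC_ENTER, (uint32_t)(uintptr_t)target_sum);
    uint32_t acc = 0;
    for (size_t i = 0; i < n; i++) {
        acc += buf[i];
    }
    instr_emit(EV_FUNC_EXIT, acc);
    return acc;
}

/* Monitor side: reassemble tag/value pairs from the FIFO. A trailing odd
 * word (half an event, possible after a drop) is discarded. Returns the
 * number of complete events copied into out[]. */
size_t monitor_drain(instr_event_t *out, size_t max_events) {
    size_t n = 0;
    for (uint32_t i = 0; i + 1 < g_mmio_count && n < max_events; i += 2) {
        out[n].tag = g_mmio_fifo[i];
        out[n].value = g_mmio_fifo[i + 1];
        n++;
    }
    g_mmio_count = 0;
    return n;
}

/* Overflow scenario: emit more events than the FIFO holds and report how
 * many words the "hardware" refused. */
uint32_t flood_monitor(uint32_t events) {
    instr_reset();
    for (uint32_t i = 0; i < events; i++) {
        instr_emit(EV_STORE, i);
    }
    return instr_dropped_words();
}

int main(void) {
    const uint32_t in[4] = {1, 2, 3, 4}; /* constructed input for the demo */
    instr_event_t ev[8];

    instr_reset();
    uint32_t sum = target_sum(in, 4);
    size_t n = monitor_drain(ev, 8);
    printf("sum=%u, %zu events captured, %u words dropped\n",
           sum, n, instr_dropped_words());
    for (size_t i = 0; i < n; i++) {
        printf("  tag=%u value=0x%08x\n", ev[i].tag, ev[i].value);
    }
    printf("flooding with 40 events drops %u words\n", flood_monitor(40));
    return 0;
}
```

The two stores per event are the cost the abstract refers to: every instrumented point pays them at run time, and the instrumenter (SBI, DBI or compiler pass) has to be taught where to place them, which is the expertise burden the paper's debug-component approach aims to remove.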


LAHEL: Lightweight Attestation Hardening Embedded Devices using Macrocells
TLDR
This paper implements LAHEL as a hardware IP core which interfaces with the CoreSight Debug Architecture available in modern ARM cores and shows how it can be integrated into system-on-chip designs, allowing microcontroller vendors to easily add the authors' defense to their products.

References

Implementing an Application-Specific Instruction-Set Processor for System-Level Dynamic Program Analysis Engines
TLDR
PAU is an application-specific instruction-set processor (ASIP) whose instruction set is customized to reflect common features of various DPA (dynamic program analysis) methods; the ASIP approach can be successfully applied to complex DPA schemes while providing hardware-backed performance and software-based flexibility in analysis.
Hijacker: Efficient static software instrumentation with applications in high performance computing: Poster paper
  • Alessandro Pellegrini
  • Computer Science
    2013 International Conference on High Performance Computing & Simulation (HPCS)
  • 2013
TLDR
Hijacker is presented, an open-source customizable static binary instrumentation tool which is able to alter a program's execution flow according to user-specified rules, limiting the execution overhead of the code snippets inserted into the original program and thus enabling its use in high performance computing.
Minimising the impact of software instrumentation using on-chip debug and a secondary CPU Core
  • P. Fogarty
  • Computer Science
    Proceedings of the 2012 System, Software, SoC and Silicon Debug Conference
  • 2012
TLDR
Using on-chip debug hardware coupled with a secondary CPU core to extract instrumentation data alleviates the need to modify the source code on the primary CPU and therefore avoids many of the difficulties with modifying code and minimises the impact of the software instrumentation.
Flayer: Exposing Application Internals
TLDR
This paper presents an effective fault injection testing technique and an automation library, LibFlayer, which explores techniques for vulnerability patch analysis and guided source code auditing.
ARMHEx: A hardware extension for DIFT on ARM-based SoCs
TLDR
This paper introduces ARMHEx, a practical solution targeting DIFT (Dynamic Information Flow Tracking) on ARM-based SoCs (e.g. Xilinx Zynq); it is based on ARM TrustZone and takes advantage of ARM CoreSight debug components and static analysis to drastically reduce instrumentation time overhead.
PEBIL: Efficient static binary instrumentation for Linux
TLDR
A static binary instrumentation toolkit for Linux on the x86/x86_64 platforms, PEBIL (PMaC's Efficient Binary Instrumentation Toolkit for Linux), is presented, designed with the primary goal of producing efficient-running instrumented code.
Anywhere, any-time binary instrumentation
TLDR
Dyninst can instrument at any time in the execution continuum, from static instrumentation to instrumenting actively executing code (dynamic instrumentation), and its techniques provide this collection of capabilities while imposing similar or lower overhead than other widely used instrumenters.
RevARM: A Platform-Agnostic ARM Binary Rewriter for Security Applications
TLDR
RevARM is a binary rewriting technique capable of instrumenting ARM-based binaries without limitation on the target platform, and is able to handle stripped binaries, requires no symbolic/semantic information, and supports Mach-O binaries, overcoming the limitations of existing approaches.
The CSI Framework for Compiler-Inserted Program Instrumentation
TLDR
A standard API is defined for CSI and modified LLVM to insert CSI hooks into the compiler's internal representation of the program, which allows many compiler-based tools to be written as simple libraries without modifying the compiler, lowering the bar for the development of dynamic-analysis tools.
Raksha: a flexible information flow architecture for software security
TLDR
Raksha is proposed, an architecture for software security based on dynamic information flow tracking (DIFT) that supports flexible and programmable security policies that enable software to direct hardware analysis towards a wide range of high-level and low-level attacks.