Hardware supported Software and Control Flow Integrity

Bugs are prevalent in a large amount of deployed software. These bugs often introduce vulnerabilities that can be exploited by attackers to make programs misbehave. Many devices rely on software that needs security, such as medical implants, sensor networks, RFID tags, automotive controllers. Software should do what it is asked to do, and should not misbehave by delivering the wrong drug dosages, by stealing information, by spying on the user, by disabling the brakes on a car, or by attacking other computers.

The central topic of this thesis is the development of hardware-based mechanisms to prevent software from misbehaving. We focus on enhancing the security of microprocessors to detect runtime attacks, prevent malicious modification of software, and develop support for isolating software from malware.

The main contributions of this thesis are two-fold. First, we analyse existing hardware-based Control Flow Integrity (CFI) architectures. This includes a detailed description and comparison of each architecture’s policies, security, hardware cost, performance, and suitability for widespread deployment.

Second, we design several new hardware-based security architectures. This includes developing the first known Control Flow Integrity architecture based on instruction-set randomisation, that also enforces software integrity through modifications to a processor. We further design the first known hardware-based software integrity architecture that is realised as a standalone IP core that connects to the bus via standard interfaces. Finally, we develop an architectural feature which provides interrupt support for a program counter-based Protected Module Architectures (PMAs) by means of processor modifications. All the architectures developed in this thesis are evaluated on FPGA, which allows us to accurately determine the hardware cost and the performance overhead of running the software on the architecture.