Abstract

In recent years, hardware monitors have been proposed as an efficient security enforcement scheme that protects computer systems by detecting software attacks at runtime. However, because dedicated hardware monitors have limited flexibility, a given monitor can be applied only to a few targeted application scenarios and struggles to defend against attacks that were not considered at design time. This leads to a high cost for redesigning monitors for new scenarios. Although recent studies propose flexible hardware monitors, the scope and security of their reconfigurable monitoring policies are still limited. To further improve flexibility and security, this work proposes a monitor instruction set and multiple security-assisting designs that support the general operations needed by various attack detection schemes. Based on these, an efficient programmable hardware monitor named ProMiSE is designed. Implemented on the RocketChip RISC-V processor, ProMiSE can be programmed to realize a wider range of monitoring policies with higher security and similar hardware resource overhead compared with state-of-the-art flexible hardware monitors. With these advantages, ProMiSE still has a detection latency as low as 18-59 CPU cycles. The performance overhead ranges from 0% to 23.4%, which is also reasonable compared with the dedicated hardware monitors of the corresponding policies.
