Abstract

Control Flow Integrity (CFI) enforcement traditionally restricts execution to the paths permitted by a control-flow graph (CFG). There exist several software- and hardware-assisted approaches to raise the bar against control-flow attacks, and the success of the different implementation techniques largely depends on precise control-flow extraction. These CFI mechanisms provide limited security due to an imprecise CFG and are of limited practicality due to large overhead. In contrast, High-Level Synthesis (HLS) performs several behavior-preserving transformations on the control and data flow graph (CDFG) and generates an optimized Register Transfer Level (RTL) design (datapath and controller). Due to the distributed electronics supply chain and the lack of centralized control, there is no tight security policy to protect control-flow information in the RTL design. In this paper, we present SafeController, which provides two complementary, transparent, and strong security policies for the RTL design. Our approach performs static analysis of the controller followed by lightweight instrumentation, so that CFI is enforced in place and, at runtime, the modified controller follows a conservative CFG with the help of a monitor. We have implemented and evaluated SafeController on several HLS benchmarks under three design corners. Experimental results show that our technique incurs negligible overhead while assuring the integrity of the controller's CFG.
