MIPS Architecture Research Articles

Uncovering Hidden Risks in IoT devices: A Post-Pandemic National Study of SOHO Wi-Fi Router Security

This study thoroughly analyzes the cybersecurity status of Small Office/Home Office (SOHO) Wi-Fi routers. These routers are crucial but frequently overlooked elements in network infrastructure, particularly in light of the impact of the COVID-19 pandemic on network security. The pandemic has led to shifts in network usage patterns, blurring traditional security perimeters and extending them into private residences, creating additional points of vulnerability in urban environments. Our nationwide research evaluated an extensive dataset of router brands and models currently used at scale. We measured the prevalence of known vulnerabilities, assessed the currency of userspace and kernel software versions, and compared the security robustness of proprietary firmware against open-source alternatives. Our findings reveal a concerning landscape of widespread vulnerabilities and outdated software components, posing latent risks to end-users. The results indicate a predominance of Linux on MIPS and ARM architectures, with an average delay of 5 to 10 years between the release of the kernel and the implementation of the most recent firmware versions. As a result, we observed an average of 1344 and 72 vulnerabilities in the kernel and applications. One significant discovery from our research is that replacing the manufacturer's original firmware with open-source alternatives, such as DD-WRT, OpenWrt, and Tomato, can substantially enhance the security of the software stack. This enhancement results in improvements of up to 97% in the case of binaries and 98.42% in the kernel. Our research helps increase cybersecurity awareness by pinpointing critical home network environment weaknesses and alerting the need for more rigorous security practices in producing and maintaining SOHO routers. This investigation also allowed the report of a new remote code execution vulnerability (disclosed in CVE-2022-46552).

A hybrid approach for malware detection in SDN‐enabled IoT scenarios

AbstractMalware presents a significant threat to computer systems security, especially in ARM and MIPS architectures, driven by the rise of the internet of things (IoT). This paper introduces Heimdall, a hybrid approach that integrates YARA signatures and machine learning in programmable switches for efficient malware detection in SDN‐enabled IoT environments. The machine learning classifier achieved an accuracy of 99.33% against the IoT‐23 dataset. When evaluated in an emulated environment with real malware samples, Heimdall exhibits a 98.44% detection rate and an average processing time of 0.0217 s.

Work in progress: analysis and evaluation of the impact of the code approximation for IoT applications

ue to the need to improve resource management for computer systems in many levels and applications (mainly for embed-ded systems and energy consumption), how can we enhance the energy efficiency of computational methods? One approach is throughapproximate computing, which intentionally introduces controlled errors to save resources such as energy, area, or time. This research aimsto empirically measure the impact of introducing approximations in an embedded system by conducting a controlled experiment. To focuson evaluating the impact of the approximations themselves rather than the best methods of implementing them, the approximations willbe manually incorporated into the code. The benchmark chosen for evaluation is MiBench due to its widespread usage. All the codes canbe recompiled to run on the MIPS architecture of the NodeMCU-ESP8266. A second NodeMCU-ESP8266 will be utilized, connected inseries to measure the actual power consumption of the first board. The analysis of results will involve hypothesis tests, where the experi-ment hypotheses will be statistically evaluated at a specific significance level. By directly comparing variations and experiment data, theproposal’s validity will be effectively demonstrated. Since this paper is a work in progress, we will explain the experiment planned to berun.

RISC processor implementation 32-bit MIPS-based: an approach to teaching and learning

This article describes the development of the design of a processor based on the RISC architecture, taking the 32-bit MIPS microprocessor as a basis. The RISC architecture, which stands for Reduced Instruction Set Computer, is characterized by having a reduced instruction set, aiming to optimize the processor's overall performance. The designed MIPS processor follows a 5-stage pipeline, which comprises the instruction fetch, instruction decode, execution, preparation and memory access phases. The main objective of this article is to carry out the structural development of the processor, using the hardware description language. This implies the creation of a Verilog representation that will later be used to generate the extraction of the processor's logic circuit. Furthermore, the project involves generating a timing diagram that illustrates the temporal behavior of processor operations and, ultimately, the physical implementation of the processor core. This work seeks to contribute knowledge in the field of computer architecture, providing a practical implementation of a RISC processor based on the 32-bit MIPS architecture, which can be relevant both for educational purposes and for practical applications in embedded systems.

HIGHLY RECONFIGURABLE SOFT-CPU BASED PERIPHERAL MODULES DESIGN

Research motivation. When developing microcontrollers, manufacturers try to include as many different types of peripherals as possible in order to increase the marketing attractiveness of their products. On the one hand, with a large assortment of various peripheral modules, it is very difficult to implement several devices of the same type in the microcontroller: manufacturers are mainly limited to 1-2 instances, in rare cases 4 modules of the same type are included. On the other hand, most software projects do not use all the peripherals of modern microcontrollers and many devices are left unused, while there may be a shortage of other types of modules. Another problem that has become especially noticeable for microcontrollers used in the field of IoT is the cryptographic protection of data that is transmitted through built-in information exchange interfaces. The main efforts of researchers and developers of cryptographic data protection methods were aimed at reducing energy-intensive operations, memory access iterations and speeding up encryption processes while maintaining a high level of cryptographic protection and enabling efficient data distribution within IoT devices networks. Research results. This paper presents an alternative approach to the manufacture of peripheral modules as part of microcontrollers. The authors propose to use a configurable software processor module based on the MIPS architecture with a reduced instruction set and limited capabilities. Conclusions. This approach would make it possible to dynamically change the functionality of peripheral modules in accordance with the requirements of the developed software solution, which in turn will increase the efficiency of the microcontroller chips capabilities utilization. In addition, the transfer of data stream encryption functions to the reconfigurable core of the peripheral module will provide fast and transparent cryptographic protection, as well as allow offloading the microcontroller core and increasing the energy efficiency of chips while reducing their production cost.

MIDAS: Safeguarding IoT Devices Against Malware via Real-Time Behavior Auditing

The number of IoT devices on the Internet has surged recently, accompanied by a barrage of large-scale IoT malware infections breakouts. Designing security mechanisms for IoT devices poses significant challenges due to constantly changing malware variants that have numerous camouflage strategies, limited hardware resources, and heterogeneous architectures. In this article, we propose MIDAS, an adaptive safeguard framework for Linux-based IoT devices to defend against malwares with the real-time behavior auditing mechanism. First, we construct a stable and abstract behavior paradigm through behavioral characteristic extraction of 115 970 malwares. Then, based on the behavior paradigm, MIDAS can: 1) monitor suspicious behaviors of break-in programs in real-time driven by our built-in SELinux policy customized for malware defense; 2) aggregate behaviors of the program’s submodules with homology tracing; and 3) summarize these behaviors into abstract behavior pairs to unveil a possible IoT malware. Using the aforementioned real-time behavior auditing, MIDAS can constrain mutating and camouflaged malwares to protect discrepant IoT devices from being compromised while maintaining low overheads. We thoroughly evaluated the defense capabilities of MIDAS. On the benchmark dataset, MIDAS successfully constrained up to 94.46%, 91.79%, and 88.34% of 115970 malware samples on ARM, MIPS, and MIPSEL architectures, with less than 1.8 MiB of memory consumption and 0.54% CPU usage. Furthermore, we deployed virtual IoT devices worldwide to examine the performance of MIDAS when defending against real-world attacks. Over a duration of 25 days, these devices suffered from 971 951 attacks originating from 71 979 intruding malwares and 48 805 unique IPs distributed in 167 countries. For devices with MIDAS protection, the number of compromised incidents decreases by <inline-formula xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink"> <tex-math notation="LaTeX">$343.1\times $ </tex-math></inline-formula> , and the duration of continuous operation is <inline-formula xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink"> <tex-math notation="LaTeX">$179.2\times $ </tex-math></inline-formula> greater than devices without MIDAS on average. The evaluation results demonstrate that MIDAS can effectively safeguard IoT devices with minimal resource consumption.

Simulation of Pipelined MIPS Floating-Point Units using Node-RED

The pipelined processor architecture is the best way to increase instruction-level parallelism, and thus, understanding its operation is one of the keys in computer architecture learning. To help with the leaning process, we have devised a series of pipeline simulation methodologies. This article presents one of them – a simulation methodology of hazard detection and forwarding in MIPS32 pipelined floating-point units. Our implementation approach is using the Node-RED programming environment, an event-driven dragand-drop system for designing data flows with business logic. In addition, to implement sophisticated operations not supported by Node-RED, we also employ WebAssembly code and the Rust language. We simulate not only the standard 5-stage pipelined MIPS ISA but also pipelined (addition, subtraction, and multiplication) and unpipelined (division) floating-point operations. Our study focuses mainly on hazard detection, which is required to ensure program correctness, as well as forwarding used to improve system performance. Lastly, we design a dashboard interface to visually represent the pipeline stages and CPU status during execution. Using the dashboard interface, MIPS32 machine code can be loaded into our simulator from hexadecimal text files. We verified that our simulator is handling hazard detection and forwarding correctly. A screenshot of the dashboard interface is included that shows all the stages of floating-point pipelines.

Research on Operating System Migration Method Based on Domestic Embedded Devices

At present, Google’s Android system has the characteristics of open source, rich software functions, and good user experience, and has been highly recognized by a wide range of applications and the market. If the Loongson platform wants to make a difference in mobile terminals and other fields, it needs to support the Android system. However, although the native Android system supports multiple architectures, it only performs a lot of optimizations for the ARM architecture. For other architectures, Google only provides a generic version. This brings a huge challenge to the Loongson processor based on the MIPS architecture. Based on the analysis of the Android system, this paper studies the Android transplantation method of the Loongson 2K1000 platform in detail realizes the transplantation of the Android Lollipop system on the platform and has passed the verification of the Loongson 2K1000 platform.

Fault Injection for Linux Device Drivers on x86, MIPS and ARM Architectures

The security of device drivers should be verified by system testing. This paper presents QDFaultInjector, a fault injection tool that can work on three architectures (x86 64, AArch64 and MIPS64) to test Linux kernel modules (including device drivers) at runtime. Firstly, overall framework of QDFaultInjector is introduced in this paper, along with monitoring of LKM operation based on notifier chain and callback function and flexible mechanisms of retriggering faults and automatic recovering based on debugfs pseudo file system. Moreover, it is explained in detail how instruction replacement is implemented for fault injection on different architectures, because it is architecture-specific, i.e., it is related to the machine codes and the formats of instructions. Thereafter, a char device driver is used to verify every function of QDFaultInjector on the above architectures respectively and the results show that QDFaultInjector can inject faults successfully and effectively. In addition, a few of realistic network card drivers such as hns3 and pcnet32 are used to do the tests and some events of system breakdown occur when some faults that have been injected into device drivers by QDFaultInjector are triggered. That means that some potential problems are existed in the corresponding device drivers, which ought to be revised and perfected. Finally, QDFaultInjector is compared with some other fault injection tools and a conclusion is drawn that it supports more computer architectures and it is more flexible for testing operations.

MagCiM: A Flexible and Non-Volatile Computing-in-Memory Processor for Energy-Efficient Logic Computation

This paper presents a high-performance and energy efficient processor exploiting a <u>Mag</u>netoresistive-based <u>C</u>omputing-<u>i</u>n-<u>M</u>emory array architecture (so-called MagCiM processor), to perform Boolean logic functions on operands stored in a memory array. The proposed processor efficiently addresses the memory wall and the leakage power consumption problems in conventional processors. The MagCiM processor utilizes mCell memory, a class of Magnetoresistive memory employing only Magnetic Tunnel Junction (MTJ) devices, to realize both computation-in-memory and on-chip instruction and data memories. The mCell memory is characterized by almost zero leakage power, high integration density, high level of reliability, and compatibility with the CMOS VLSI fabrication process. The circuit-level simulation results through comparisons with the previous work reveal that the MagCiM processor provides low occupation area, low power, and energy consumption and offers Normally-off instant-on computing capability, which makes it very suitable for embedded system applications. Based on our evaluations, a conventional processor based on the well-known MIPS architecture consumes about 13 times more energy while having 1.5 times more delay than the MagCiM processor.

A Multi-One Instruction Set Computer for Microcontroller Applications

This work presents a simple integer-only instruction set architecture and microarchitecture derived from One Instruction Set Computers (OISCs) and embedding multiple execution modes ( ${m}$ OISC), capable of running at a reasonable performance level to enable basic usability in microcontroller applications. The purpose of ${m}$ OISC is to enable simple data transfer tasks and run small programs while maintaining ultimate simplicity. We present the internal organization for a computer architecture including an 8bit I/O register, and 64kB central Random Access Memory (RAM), organized in two-bytes words. The processor can run code generated assuming an OISC or a Complex Instruction Set Computer (CISC) scheme (op-code based), depending on the programmer’s demands and based on the initial setting of a register during start-up. To enable practical applications and demonstrate successful exploitation of ${m}$ OISC in view of integration in a compiler back-end, we designed a custom Proof-of-Concept (PoC) software design toolchain based on LLVM and clang . Although not targeting all the features of commercial ISA, the toolchain is capable of compiling C code from LLVM intermediate representation or generating ${m}$ OISC code translated from ARM, x86, RISC-V, and MIPS assembly. The toolchain also enables practical Value Change Dump (VCD) simulations output with graphical plots of the CPU state and associated symbols. A PoC microcontroller system has been synthesized in a low power Field Programmable Gate Array (FPGA) and verified in a basic wireless telemetry application including a Synchronous Peripheral Interface (SPI) RFM9x Long RAnge (LoRA) transceiver and a MAX30205 Inter Integrated Circuit (I2C) temperature sensor, using its 8bit I/O port, with software bus interface implementation. ${m}$ OISC occupies ~6% of resources on a Cyclone 10LP FPGA, for 1397 Adaptive Look-Up Tables (ALUTs) and 461 dedicated logic registers. The measured dynamic current consumption of the complete FPGA board with synthesized ${m}$ OISC is 12mA at 100MHz clock.

Measuring the Efficiency of Cache Memory on Java Processors for Embedded Systems

Java, with its advantages as being an overspread multiplatform object oriented language, has been gaining popularity in the embedded system market over the years. However, because of its extralayer of interpretation, it is also believed that it is a slow language while being executed. Nevertheless, when this execution is done directly in hardware, Java advantages caused by its stacknature start to appear. One of these advantages concerns memory utilization, impacting in less accesses and cache misses. In this work we analyze this impact in performance and energy consumption,comparing a Java processor with a RISC one based on a MIPS architecture with similar characteristics.

Function argument number identification in stripped binary under PPC and MIPS instruction set

Function argument number identification in stripped binary under PPC and MIPS instruction set

Code generation for floating-point arithmetic in architecture MIPS

This article is related to code generation for floating-point arithmetics in the MIPS architecture. This work is a part of the «RuC» project. It is specialized only in code generation for operations with floatting-point numbers. This paper does not consider lexical, syntactic, and species-specific analyses.

WepSIM: An Online Interactive Educational Simulator Integrating Microdesign, Microprogramming, and Assembly Language Programming

Our educational project has three primary goals. First, we want to provide a robust vision of how hardware and software interplay, by integrating the design of an instruction set (through microprogramming) and using that instruction set for assembly programming. Second, we wish to offer a versatile and interactive tool where the previous integrated vision could be tested. The tool we have developed to achieve this is called WepSIM and it provides the view of an elemental processor together with a microprogrammed subset of the MIPS instruction set. In addition, WepSIM is flexible enough to be adapted to other instruction sets or hardware components (e.g., ARM or x86). Third, we want to extend the activities of our university courses, labs, and lectures (fixed hours in a fixed place), so that students may learn by using their mobile device at any location, and at any time during the day. This paper presents how WepSIM has improved the teaching of Computer Architecture courses by empowering students with a more dynamic and guided learning process. In this paper, we show the results obtained during the experience of using the simulator in the Computer Structure course of the Bachelor's Degree in Computer Science and Engineering, University Carlos III of Madrid.

A Novel Framework to Classify Malware in MIPS Architecture-Based IoT Devices

Malware on devices connected to the Internet via the Internet of Things (IoT) is evolving and is a core component of the fourth industrial revolution. IoT devices use the MIPS architecture with a large proportion running on embedded Linux operating systems, but the automatic analysis of IoT malware has not been resolved. We proposed a framework to classify malware in IoT devices by using MIPS-based system behavior (system call—syscall) obtained from our F-Sandbox passive process and machine learning techniques. The F-Sandbox is a new type for IoT sandbox, automatically created from the real firmware of the specialized IoT devices, inheriting the specialized environment in the real firmware, therefore creating a diverse environment for sandboxing as an important characteristic of IoT sandbox. This framework classifies five families of IoT malware with F1-Weight = 97.44%.

A design of EPIC type processor based on MIPS architecture

This paper proposes an EPIC (Explicitly Parallel Instruction Computing Architecture) type processor based on MIPS. VLIW processors can execute multiple instructions simultaneously, but due to dependency of instructions, it is often impossible to execute maximum parallel execution. As a result, program contains many NOP instructions. EPIC processor can reduce NOP instructions by changing number of instructions to be executed simultaneously. To implement EPIC type processor, five bit field is embedded in the machine instruction code. For comparison, a 5-stage pipeline processor (basic processor), and a Very Long Instruction Word (VLIW) processor are designed. The proposed processors are described in hardware description language (VHDL) and implemented using FPGA. Operations are confirmed by software Tera Term. Processors are evaluated for instruction parallelism and program size using bubble sort program. It is confirmed that the proposed processor is 1.9 times faster than the basic processor. In addition, the program size of the proposed processor is 64 bytes, the basic processor is 56 bytes, and the VLIW processor is 80 bytes.

Determining the base address of MIPS firmware based on absolute address statistics and string reference matching

Getting the accurate firmware base address is not only the prerequisite for disassembling firmware correctly, but also the basis for reverse analysis. Currently, most existing base address determination methods are applied to the ARM architecture, and a few address determination methods of MIPS firmware highly rely on researcher’s manual analysis and experience. To address this problem, based on 32-bit absolute address statistics and string reference matching, an automatic method for the base address determination of MIPS firmware is proposed. Firstly, the 32-bit immediate value loading, addressing mode and string referencing of the MIPS architecture systems are analyzed. Secondly, the Absolute Address Searching (AAS) algorithm and String Reference Matching (SRM) algorithm are proposed based on the analysis. The AAS algorithm utilizes the lui-ori, lui-lw and lui-addiu instruction pairs to identify and record the absolute addresses loaded to registers. According to the distributions of addresses recorded by AAS, the range of candidate base addresses can be determined. Then the lui-addiu instruction pair is used by the SRM algorithm to search for string reference addresses. For every address in the range of candidate base addresses, the SRM algorithm verifies whether each string reference address points to the beginning of a string under the current candidate base address, and thereby the matching rate is calculated. Based on the matching rates corresponding to each of the candidate base addresses, the right base address can be determined. Lastly, the proposed method is applied to the test set composed of 12 mainstream MIPS firmware files. Experimental results demonstrate that the proposed method can determine the base addresses of MIPS firmware files automatically and accurately. Furthermore, the proposed method is also applied to a firmware section after decompression and the result indicates that the proposed method is efficient for automatically determining the loading addresses of firmware sections.

A Comparative Analysis of HPL-PD and MIPS Architectures by Using Integrated Approach for IS and RA for Exploiting ILP

In this article, the authors have proposed an integrated algorithm for instruction scheduling and register allocation, and implemented it for compiler optimization in a machine description in a trimaran infrastructure for exploitation of instruction-level parallelism. For this experimental work, the authors added machine descriptions (MDES) targeted to HL-PD architecture. As a result, only a few spills were needed and the quality of the code generated was improved. The application of abstract base graph has been applied for experimental purposes. For these experiments, this article used 20 benchmarks available with trimaran infrastructure for HPL-PD architecture. This article compares some of these results with results obtained performed on LLVM compiler on an MIPS architecture. The implemented algorithm is based on subgraph isomorphism. The input program is represented in the form of directed acyclic graph (DAG). The vertices of the DAG represent the instructions, input, and output operands of the program, while the edges represent dependencies among the instructions.

Development of multiprocessor system-on-chip based on soft processor cores schoolMIPS

This work includes a review of MIPS architecture processor cores and a review of network topology consisting of routers. It was demonstrated by realization of 2 multiprocessor systems developed on the basis of mesh topology using modified schoolMIPS soft-processor cores, in which architecture additional blocks and instructions were added, and routers with XY routing. As a result, the obtained NoC performance is up to 1.87 Gbit/s (4 processor cores), and up to 1.54 Gbit/s (10 processor cores). The extended processor core schoolMIPS consumes 452 ALMs and 1692 bits of memory; NoC of 4 processor cores takes 2223 ALMs and 9136 bits of memory; NoC of 10 processor cores – 5696 ALMs and 22840 bits of memory. The obtained results suggest that there is a possibility of NoC development with the number of nodes up to 200 nodes on Stratix IV GX EP4SGX230 (DE4).