RunPBA -- Runtime attestation for microcontrollers with PACBTI
By: André Cirne, Patrícia R. Sousa, João S. Resende and more
Potential Business Impact:
Protects computers from hackers without slowing them.
The widespread adoption of embedded systems has led to their deployment in critical real-world applications, making them attractive targets for malicious actors. These devices face unique challenges in mitigating vulnerabilities due to intrinsic constraints, such as low energy consumption requirements and limited computational resources. This paper presents RunPBA, a hardware-based runtime attestation system designed to defend against control flow attacks while maintaining minimal performance overhead and adhering to strict power consumption constraints. RunPBA leverages PACBTI, a new processor extension tailored for the Arm Cortex-M processor family, allowing robust protection without requiring hardware modifications, a limitation present in similar solutions. We implemented a proof-of-concept and evaluated it using two benchmark suites. Experimental results indicate that RunPBA imposes a geometric mean performance overhead of only 1% and 4.7% across the benchmarks, underscoring its efficiency and suitability for real-world deployment.