uBOX: A Lightweight and Hardware-assisted Sandbox for Multicore Embedded Systems
Multicore embedded systems employ a big.LITTLE architecture to combine different cores into a single microcontroller (MCU). However, resource sharing among cores raises security challenges: once LITTLE cores (which often receive external inputs) are compromised, the whole system will be affected. Existing hardware-assisted isolation approaches use privilege separation and code instrumentation to enforce memory isolation, and both suffer from inefficiencies. This paper presents uBOX, a lightweight sandbox for multicore embedded systems. The goal of uBOX is to enforce memory isolation over untrusted software (on LITTLE cores) at the same privilege level. Specifically, it uses the Memory Protection Unit (MPU) to restrict memory access by untrusted software. To protect the sandbox policies, uBOX deprives untrusted software of the ability to write MPU configurations by replacing its regular store instructions with unprivileged counterparts. Additionally, to protect uBOX's own (necessary) regular store instructions from being abused, uBOX's memory is set to read-only and non-executable while untrusted software runs. For the normal operation of uBOX, the authors use an overlooked feature of the MPU and develop secure gates that quickly disable and re-enable the MPU, allowing uBOX to execute with a permissive memory view. The evaluation reports that uBOX effectively enforces isolation with an average 1.27% runtime overhead, 0.83X Flash overhead, and 36.50X SRAM overhead.
Saved in:
Published in: | IEEE transactions on dependable and secure computing 2024-09, p.1-15 |
---|---|
Main authors: | Zhou, Xia; Bu, Yujie; Xu, Meng; Zhou, Yajin; Wu, Lei |
Format: | Article |
Language: | eng |
Subjects: | Codes; Embedded Systems; Memory management; Memory Protection Unit; Monitoring; Multicore processing; Protection; Random access memory; Security Isolation; Software |
Online access: | Order full text (publisher record: https://ieeexplore.ieee.org/document/10678857) |
container_end_page | 15 |
---|---|
container_issue | |
container_start_page | 1 |
container_title | IEEE transactions on dependable and secure computing |
container_volume | |
creator | Zhou, Xia; Bu, Yujie; Xu, Meng; Zhou, Yajin; Wu, Lei |
creationdate | 2024-09-11 |
doi_str_mv | 10.1109/TDSC.2024.3454421 |
format | Article |
fulltext | fulltext_linktorsrc |
identifier | ISSN: 1545-5971; CODEN: ITDSCM |
ispartof | IEEE transactions on dependable and secure computing, 2024-09, p.1-15 |
issn | 1545-5971 |
language | eng |
recordid | cdi_ieee_primary_10678857 |
source | IEEE Electronic Library (IEL) |
subjects | Codes; Embedded Systems; Memory management; Memory Protection Unit; Monitoring; Multicore processing; Protection; Random access memory; Security Isolation; Software |
title | uBOX: A Lightweight and Hardware-assisted Sandbox for Multicore Embedded Systems |
url | https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-02-09T19%3A43%3A59IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-ieee_RIE&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=uBOX:%20A%20Lightweight%20and%20Hardware-assisted%20Sandbox%20for%20Multicore%20Embedded%20Systems&rft.jtitle=IEEE%20transactions%20on%20dependable%20and%20secure%20computing&rft.au=Zhou,%20Xia&rft.date=2024-09-11&rft.spage=1&rft.epage=15&rft.pages=1-15&rft.issn=1545-5971&rft.coden=ITDSCM&rft_id=info:doi/10.1109/TDSC.2024.3454421&rft_dat=%3Cieee_RIE%3E10678857%3C/ieee_RIE%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rft_ieee_id=10678857&rfr_iscdi=true |
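The abstract's isolation argument rests on two Armv7-M MPU properties: the MPU registers sit in the System Control Space, which rejects unprivileged accesses regardless of region configuration, and the unprivileged store variant (STRT) is checked as if the processor were unprivileged even when it executes in privileged mode. Rewriting the untrusted software's stores to STRT therefore makes every one of its writes subject to the MPU policy, while its own regular STR instructions would not be. The following C model, added here as an illustration and not taken from the paper, encodes those MPU access rules and checks the policy the abstract describes. The memory layout, the addresses and region sizes, the PRIVDEFENA setting, and the gate (modelled as a plain clear and set of MPU_CTRL.ENABLE) are assumptions made for the example; the abstract does not say which MPU feature the authors' secure gates rely on, so nothing here should be read as the paper's mechanism.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Armv7-M MPU access-permission encodings (RASR.AP field). */
enum ap { AP_NONE = 0, AP_PRIV_RW = 1, AP_PRIV_RW_UNPRIV_RO = 2, AP_FULL = 3,
          AP_PRIV_RO = 5, AP_RO = 6 };
enum acc { ACC_READ, ACC_WRITE, ACC_EXEC };

struct region { uint32_t base, size; enum ap ap; bool xn, enabled; };
struct mpu { bool enable, privdefena; struct region r[8]; };

/* System Control Space (Armv7-M): the MPU registers live on the Private Peripheral Bus. */
#define PPB_BASE 0xE0000000u
#define PPB_END  0xE00FFFFFu
#define MPU_CTRL 0xE000ED94u

/* Assumed layout for this example only (not the paper's): */
#define UNTRUSTED_CODE 0x08000000u  /* flash, 64 KiB, read-only, executable            */
#define UNTRUSTED_RAM  0x20000000u  /* SRAM, 32 KiB, read/write, never executable      */
#define UBOX_MEM       0x20010000u  /* uBOX code+data, 16 KiB: RO+XN while untrusted code runs */
#define GATE_CODE      0x20014000u  /* secure-gate stubs, 1 KiB, read-only, executable */

/* Returns true if the access is permitted, false if it would fault. */
bool mpu_check(const struct mpu *m, uint32_t addr, enum acc a, bool unpriv)
{
    /* The PPB is privileged-only and never executable, whatever the regions say.
       An unprivileged store (STRT) to MPU_CTRL therefore faults even from privileged code. */
    if (addr >= PPB_BASE && addr <= PPB_END)
        return a != ACC_EXEC && !unpriv;
    if (!m->enable)
        return true;  /* MPU disabled: default memory map (device-area XN rules omitted) */
    for (int i = 7; i >= 0; i--) {  /* highest-numbered matching region wins */
        const struct region *r = &m->r[i];
        if (!r->enabled || addr < r->base || addr - r->base >= r->size)
            continue;
        if (a == ACC_EXEC && r->xn)
            return false;
        bool rd, wr;
        switch (r->ap) {
        case AP_NONE:              rd = false;   wr = false;   break;
        case AP_PRIV_RW:           rd = !unpriv; wr = !unpriv; break;
        case AP_PRIV_RW_UNPRIV_RO: rd = true;    wr = !unpriv; break;
        case AP_FULL:              rd = true;    wr = true;    break;
        case AP_PRIV_RO:           rd = !unpriv; wr = false;   break;
        case AP_RO:                rd = true;    wr = false;   break;
        default:                   return false; /* reserved encoding */
        }
        return a == ACC_WRITE ? wr : rd;  /* instruction fetch also needs read permission */
    }
    return !unpriv && m->privdefena;  /* no region hit: only privileged + PRIVDEFENA passes */
}

/* MPU view installed while untrusted software runs (assumed layout, see above). */
struct mpu ubox_policy(void)
{
    struct mpu m = { .enable = true, .privdefena = false };
    m.r[0] = (struct region){ UNTRUSTED_CODE, 64 * 1024, AP_RO,   false, true };
    m.r[1] = (struct region){ UNTRUSTED_RAM,  32 * 1024, AP_FULL, true,  true };
    m.r[2] = (struct region){ UBOX_MEM,       16 * 1024, AP_RO,   true,  true };
    m.r[3] = (struct region){ GATE_CODE,       1 * 1024, AP_RO,   false, true };
    return m;
}

/* Untrusted software: its regular STR instructions were rewritten to STRT, so stores are
   checked as unprivileged; its loads and instruction fetches remain privileged. */
bool untrusted_store(uint32_t addr) { struct mpu m = ubox_policy(); return mpu_check(&m, addr, ACC_WRITE, true);  }
bool untrusted_load(uint32_t addr)  { struct mpu m = ubox_policy(); return mpu_check(&m, addr, ACC_READ,  false); }
bool untrusted_exec(uint32_t addr)  { struct mpu m = ubox_policy(); return mpu_check(&m, addr, ACC_EXEC,  false); }
/* What an un-rewritten (privileged) STR from untrusted code would get away with. */
bool privileged_store(uint32_t addr){ struct mpu m = ubox_policy(); return mpu_check(&m, addr, ACC_WRITE, false); }

/* Secure-gate round trip, modelled as a plain MPU_CTRL.ENABLE toggle (an assumption): uBOX's
   privileged STR to MPU_CTRL disables the MPU, the store to its own memory proceeds under the
   permissive default map, then the MPU is re-enabled. Returns true when the store is rejected
   outside the gate but succeeds inside it. */
bool gate_roundtrip(uint32_t addr)
{
    struct mpu m = ubox_policy();
    bool outside = mpu_check(&m, addr, ACC_WRITE, false);
    if (!mpu_check(&m, MPU_CTRL, ACC_WRITE, false)) return false;
    m.enable = false;                         /* gate entry: MPU_CTRL.ENABLE = 0 */
    bool inside = mpu_check(&m, addr, ACC_WRITE, false);
    m.enable = true;                          /* gate exit:  MPU_CTRL.ENABLE = 1 */
    return !outside && inside;
}

int main(void)
{
    printf("STRT to MPU_CTRL from untrusted code: %s\n", untrusted_store(MPU_CTRL) ? "allowed" : "fault");
    printf("STR  to MPU_CTRL without rewriting:   %s\n", privileged_store(MPU_CTRL) ? "allowed" : "fault");
    printf("jump into uBOX memory:                %s\n", untrusted_exec(UBOX_MEM) ? "allowed" : "fault");
    printf("uBOX store through secure gate:       %s\n", gate_roundtrip(UBOX_MEM) ? "ok" : "failed");
    return 0;
}
```

The contrast between `untrusted_store(MPU_CTRL)` and `privileged_store(MPU_CTRL)` is the point of the store rewriting: with a regular STR the untrusted code, running privileged, could rewrite the policy; with STRT the same write faults. The XN bit on uBOX's region is what stops the untrusted code from simply branching to one of uBOX's remaining regular STR instructions, and `untrusted_load(0x40000000)` faulting shows why PRIVDEFENA must stay clear in this model, since otherwise privileged loads outside every region would fall through to the default map.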