Next Article in Journal
New EV Battery Charger PFC Rectifier Front-End Allowing Full Power Delivery in 3-Phase and 1-Phase Operation
Next Article in Special Issue
A Novel FPGA-Based Intent Recognition System Utilizing Deep Recurrent Neural Networks
Previous Article in Journal
Virtual Network Provisioning over Mixed-Fixed/Flexible-Grid Optical Infrastructures
 
 
Article

A Hardware Platform for Ensuring OS Kernel Integrity on RISC-V †

by 1, 2,*,‡ and 2,*,‡
1
School of Computer Science and Engineering, Pusan National University, Busan 46241, Korea
2
Department of Electrical and Computer Engineering (ECE) and Inter-University Semiconductor Research Center (ISRC), Seoul National University, Seoul 08826, Korea
*
Authors to whom correspondence should be addressed.
This paper is an extended version of our paper published in Design, Automation and Test in Europe Conference & Exhibition (DATE) 2019.
As corresponding authors, these authors contributed equally to this work.
Academic Editor: Costas Psychalinos
Electronics 2021, 10(17), 2068; https://doi.org/10.3390/electronics10172068
Received: 26 July 2021 / Revised: 20 August 2021 / Accepted: 24 August 2021 / Published: 26 August 2021
The OS kernel is typically preassumed as a trusted computing base in most computing systems. However, it also implies that once an attacker takes control of the OS kernel, the attacker can seize the entire system. Because of such security importance of the OS kernel, many works have proposed security solutions for the OS kernel using an external hardware module located outside the processor. By doing this, these works can realize the physical isolation of security solutions from the OS kernel running in the processor, but they cannot access the inner state of the processor, which attackers can manipulate. Thus, they elaborated several methods to overcome such limited capability of external hardware. However, those methods usually come with several side effects, such as high-performance overhead, kernel code modifications, and/or excessively complicated hardware designs. In this paper, we introduce RiskiM, a new hardware-based monitoring platform to ensure kernel integrity from outside the host system. To deliver the inner state of the host to RiskiM, we have devised a hardware interface architecture, called PEMI. Through PEMI, RiskiM is supplied with all internal states of the host system essential for fulfilling its monitoring task to protect the kernel. To empirically validate our monitoring platform’s security strength and performance, we have fully implemented PEMI and RiskiM on a RISC-V based processor and FPGA, respectively. Our experiments show that RiskiM succeeds in the host kernel protection by detecting even the advanced attacks which could circumvent previous solutions, yet suffering from virtually no aforementioned side effects. View Full-Text
Keywords: security; integrity monitor; RISC-V security; integrity monitor; RISC-V
Show Figures

Figure 1

MDPI and ACS Style

Kwon, D.; Hwang, D.; Paek, Y. A Hardware Platform for Ensuring OS Kernel Integrity on RISC-V. Electronics 2021, 10, 2068. https://doi.org/10.3390/electronics10172068

AMA Style

Kwon D, Hwang D, Paek Y. A Hardware Platform for Ensuring OS Kernel Integrity on RISC-V. Electronics. 2021; 10(17):2068. https://doi.org/10.3390/electronics10172068

Chicago/Turabian Style

Kwon, Donghyun, Dongil Hwang, and Yunheung Paek. 2021. "A Hardware Platform for Ensuring OS Kernel Integrity on RISC-V" Electronics 10, no. 17: 2068. https://doi.org/10.3390/electronics10172068

Find Other Styles
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Article Access Map by Country/Region

1
Back to TopTop