Computing Reviews
Compiler-assisted loop hardening against fault attacks
Proy J., Heydemann K., Berzati A., Cohen A. ACM Transactions on Architecture and Code Optimization 14(4): 1-25, 2017. Type: Article
Date Reviewed: Jun 1 2018

The problem to solve is the following: the uncontrolled development of the Internet of Things (IoT) results in personal data being handled by a huge variety of devices, which do not satisfy the safety conditions considered mandatory in more customary applications. The most worrisome characteristic of these devices is that they are subject to physical attacks, which are intended to disrupt the execution flow of some applications in order to extract sensitive information or grant restricted access permissions.

This paper develops, in detail, a method for improving the safety of embedded devices like smartphones, payment systems, and all the digital consumer electronics that allow for the development of IoT. The paper has four authors, seven sections, and ends in 25 pages with 49 references. It is profusely illustrated with figures, tables, algorithms, and listings.

Although correctness proofs of programs seem to be an approach that guarantees that the program does what it is intended to do, if the program has been physically attacked and changed, nothing more can be guaranteed. The approach taken by the authors places the burden of proof on the program itself, by adding to it redundant code that checks that the loops perform the expected number of iterations.
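The idea of redundant code that checks a loop's iteration count, sketched by hand as an added example; it is not code from the paper or its LLVM pass, which applies the hardening automatically in the compiler. The function names, the `fault_at` parameter (which simulates a premature loop exit) and the PIN bytes are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define NO_FAULT ((size_t)-1)                 /* constructed: no fault simulated */
enum { CMP_EQUAL = 0, CMP_DIFFERENT = 1, CMP_FAULT = 2 };

/* Constructed sample data: stored PIN and a wrong candidate. */
static const uint8_t STORED[4] = {1, 2, 3, 4};
static const uint8_t WRONG[4]  = {1, 2, 9, 9};

/* Unhardened loop: if it exits early, unchecked bytes are treated as matching. */
int compare_plain(const uint8_t *a, const uint8_t *b, size_t n, size_t fault_at)
{
    uint8_t diff = 0;
    for (size_t i = 0; i < n; i++) {
        if (i == fault_at) break;             /* simulated fault: premature loop exit */
        diff |= (uint8_t)(a[i] ^ b[i]);
    }
    return diff ? CMP_DIFFERENT : CMP_EQUAL;
}

/* Hardened loop: a redundant counter and a re-check of the exit condition
   confirm that exactly n iterations ran before the result is trusted. */
int compare_hardened(const uint8_t *a, const uint8_t *b, size_t n, size_t fault_at)
{
    volatile size_t i = 0, shadow = 0;        /* volatile keeps the redundancy from being optimized away */
    uint8_t diff = 0;
    for (i = 0; i < n; i++) {
        if (i == fault_at) break;             /* same simulated fault */
        diff |= (uint8_t)(a[i] ^ b[i]);
        shadow++;
    }
    if (i != n || shadow != n)                /* wrong iteration count: refuse to answer */
        return CMP_FAULT;
    return diff ? CMP_DIFFERENT : CMP_EQUAL;
}

int main(void)
{
    printf("plain, no fault:     %d\n", compare_plain(STORED, WRONG, 4, NO_FAULT));
    printf("plain, exit at 2:    %d\n", compare_plain(STORED, WRONG, 4, 2));
    printf("hardened, exit at 2: %d\n", compare_hardened(STORED, WRONG, 4, 2));
    printf("hardened, no fault:  %d\n", compare_hardened(STORED, STORED, 4, NO_FAULT));
    return 0;
}
```

The unhardened loop reports a match for the wrong PIN when it is cut short after two iterations, while the hardened loop returns a distinct fault code instead of a comparison result.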

The code added to the program in order to harden the loops does not change its meaning; instead, it only adds a little overhead in size and in performance. These changes are not too costly because their increase in size or time is lower than 15 percent. However, some questions remain:

  • The proportion of loops that are hardened is high, about 95 percent, but it’s not 100 percent. This means that the program can still be changed to a failing program, despite the efforts of the compiler.
  • Some injected faults remain undetected; thus, program users cannot trust the program. And the question remains: should we use a program we cannot trust?
  • The techniques used are relevant only to fault attacks, which use alteration of the device to retrieve sensitive data or gain privileged access. Other attacks are not dealt with.

The paper is clearly presented. The algorithm is implemented in LLVM, which means that an existing compiler scheme is enriched with the aim of hardening the loops. Results are evaluated using a large benchmark. All in all, testing the ideas needs further, wider evaluation, but the whole approach seems promising.

Reviewer:  O. Lecarme Review #: CR146060 (1808-0433)
Compilers (D.3.4 ... )
Protection Mechanisms (D.2.0 ... )
Security (K.4.4 ... )