Dynamic Information Flow Tracking for Embedded Binaries using SystemC-based Virtual Prototypes
Sprache des Vortragstitels:
Englisch
Original Tagungtitel:
Design Automation Conference (DAC)
Sprache des Tagungstitel:
Englisch
Original Kurzfassung:
Avoiding security vulnerabilities is very important for
embedded systems. Dynamic Information Flow Tracking (DIFT)
is a powerful technique to analyze SW with respect to security
policies in order to protect the system against a broad range of
security related exploits. However, existing DIFT approaches either
do not exist for Virtual Prototypes (VPs) or fail to model complex
hardware/software interactions. In this paper, we present a novel approach that enables early and accurate DIFT of binaries targeting embedded systems with custom peripherals. Leveraging the SystemC framework, our DIFT engine tracks accurate data flow information alongside the program execution to detect violations of security policies at run-time. We demonstrate the effectiveness and applicability of our approach by extensive experiments.