Device Driver and System Call Isolation in Embedded Devices

Maja Malenko, Marcel Baunach

Research output: Chapter in Book/Report/Conference proceeding › Conference paper › peer-review

Abstract

The number of low-end embedded devices in today's Internet of Things and Cyber-Physical Systems is increasing along with their security concerns. Memory isolation mechanisms are often absent, and programming flaws lead to malfunctioning applications, which in turn can crash the whole system. A common design approach in these devices is to have applications, operating system components, and device driver libraries reside in a single non-isolated address space, which represents one vast attack surface. Furthermore, with increasing network connectivity and frequent dynamic updates, new or modified applications and services are uploaded, opening space for even more attacks. Isolating the execution of applications in these systems is still a challenge. In this work we provide a holistic hardware/software co-designed approach for memory isolation, which prevents corruption of the state of the operating system and applications by buggy software, including device drivers, interrupt service routines, and misused system calls. We implemented low-cost architectural extensions in a RISC-V-based microcontroller which work together with kernel-based protection concepts. Our evaluation shows that applications as well as the kernel can enjoy the benefits of the proposed memory isolation with minimal impact on performance and an insignificant increase in the area of the MCU.

Original language: English
Title of host publication: Proceedings - Euromicro Conference on Digital System Design, DSD 2019
Editors: Nikos Konofaos, Paris Kitsos
Publisher: Institute of Electrical and Electronics Engineers
Pages: 283-290
Number of pages: 8
ISBN (Electronic): 9781728128610
Publication status: Published - 1 Aug 2019
Event: 22nd Euromicro Conference on Digital System Design, DSD 2019 - Kallithea, Chalkidiki, Greece
Duration: 28 Aug 2019 - 30 Aug 2019

Publication series

Name: Proceedings - Euromicro Conference on Digital System Design, DSD 2019

Conference

Conference: 22nd Euromicro Conference on Digital System Design, DSD 2019
Country/Territory: Greece
City: Kallithea, Chalkidiki
Period: 28/08/19 - 30/08/19

Keywords

  • device drivers
  • memory isolation
  • memory protection
  • RISC-V
  • secure system calls

ASJC Scopus subject areas

  • Hardware and Architecture
  • Information Systems
  • Information Systems and Management
