Abstract
To provide strong security support for today’s applications, microprocessor manufacturers have introduced hardware isolation, an on-chip mechanism that provides secure accesses to sensitive data. Currently, hardware isolation is still difficult to use by software developers because the process to identify access points to sensitive data is error-prone and can lead to under and over protection of sensitive data. Under protection can lead to security vulnerabilities. Over protection can lead to an increased attack surface and excessive communication overhead. In this paper we describe EvoIsolator, a search-based framework to (i) automatically generate executable minimal slices that include all access points to a set of specified sensitive data; and (ii) automatically optimize (for small code block size and low communication overhead) the code modules for hardware isolation. We demonstrate, through a small feasibility study, the potential impact of our proposed code optimizer.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
ARM security technology: building a secure system using TrustZone technology. http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.prd29-genc-009492c/index.html
Ye, M., Sherman, J., Srisa-an, W., Wei, S.: TZSlicer: security-aware dynamic program slicing for hardware isolation. In: HOST (2018)
Mark Harman, S., Mansouri, A., Zhang, Y.: Search-based software engineering: trends, techniques and applications. ACM Comput. Surv. 45(1), 11:1–11:61 (2012)
Petke, J., Haraldsson, S.O., Harman, M., Langdon, W.B., White, D.R., Woodward, J.R.: Genetic improvement of software: a comprehensive survey. IEEE Trans. Evol. Comput. 22(3), 415–432 (2018)
Petke, J., Harman, M., Langdon, W.B., Weimer, W.: Specialising software for different downstream applications using genetic improvement and code transplantation. IEEE Trans. Softw. Eng. 44, 574–594 (2017)
Hu, N., Ye, M., Wei, S.: Surviving information leakage hardware Trojan attacks using hardware isolation. IEEE TETC (2017)
Schuster, F., et al.: VC3: trustworthy data analytics in the cloud using SGX. In: S&P, pp. 38–54 (2015)
Horwitz, S., Reps, T., Binkley, D.: Interprocedural slicing using dependence graphs. In: PLDI, pp. 35–46 (1988)
Acknowledgements
This work was supported in part by National Science Foundation Grants CNS-1750867 and CCF-1745775.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer Nature Switzerland AG
About this paper
Cite this paper
Ye, M., Cohen, M.B., Srisa-an, W., Wei, S. (2018). EvoIsolator: Evolving Program Slices for Hardware Isolation Based Security. In: Colanzi, T., McMinn, P. (eds) Search-Based Software Engineering. SSBSE 2018. Lecture Notes in Computer Science(), vol 11036. Springer, Cham. https://doi.org/10.1007/978-3-319-99241-9_24
Download citation
DOI: https://doi.org/10.1007/978-3-319-99241-9_24
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-99240-2
Online ISBN: 978-3-319-99241-9
eBook Packages: Computer ScienceComputer Science (R0)