Secure Instruction and Data-Level Information Flow Tracking Model for RISC-V

Abstract

This study proposes a novel multi-level granularity Information Flow Tracking (IFT) model designed specifically for the RISC-V architecture to enhance runtime security and system integrity. The approach integrates hardware-based IFT with a Gate-Level IFT (GLIFT) technique, balancing flexibility and precision while overcoming the inherent resource consumption issues of prior schemes. By employing 1-bit tags and optimized shadow logic that tracks data only in security-critical modules, the model effectively eliminates area overhead and provides accurate flow assessment without false conservative results.

Report

Key Highlights

• Novel Security Model: Introduces a multi-level granularity Information Flow Tracking (IFT) model for RISC-V to protect system integrity from untrusted channels.
• Integrated Architecture: Combines traditional hardware-based IFT with Gate-Level IFT (GLIFT) to achieve superior precision and flexibility.
• Optimized Overhead: Utilizes optimized shadow logic that only tracks data for security-critical modules, thus eliminating significant area overhead.
• Precision Improvement: Implements an enhanced tagged mechanism using minimal 1-bit tags to improve precision logic without massive resource cost.

Technical Details

• Target Architecture: Reduced Instruction Set Architecture (RISC-V).
• Core Method: IFT technique integrated across two levels of granularity (hardware and gate-level).
• Granularity Translation: Translation of information flow moves from the instruction level down to the data level, triggered by module instantiation associated with security-critical data.
• Tagging Scheme: Relies on 1-bit tags for efficient tagging and tracking of sensitive data.
• Verification Method: The model is demonstrated via a simulation-based IFT model that translates architecture-specific extensions into a compiler-specific simulation model using RISC-V toolchain extensions.

Implications

• Enhanced RISC-V Security: Provides a robust solution for securing RISC-V cores, which is increasingly critical given the architecture's use across devices and the integration of untrusted third-party IP.
• Solving the IFT Trade-off: Successfully addresses the long-standing challenge of balancing the resource demands of fine-grained IFT with the low precision of coarse-grained IFT models.
• Practical Deployment: The optimized shadow logic ensures that the high precision gained by integrating GLIFT does not render the technique impractical due to overwhelming hardware overhead, making it suitable for real-world embedded systems.
• Runtime Protection: Enables crucial runtime security assessments by accurately tracking data flow from potentially malicious or untrusted communication channels, mitigating threats like fault injection and privacy invasion.