Shielding Performance Monitor Counters: a double edged weapon for safety and security

Recent years have witnessed the growth of the adoption of Cyber-Physical Systems (CPSs) in many sectors such as automotive, aerospace, civil infrastructures and healthcare. Several CPS applications include critical scenarios, where a failure of the system can lead to catastrophic consequences. Therefore, anomalies due to failure or malicious attacks must be timely detected. This paper focuses on two relevant aspects of the design of a CPS: safety and security. In particular, it studies how performance monitor counters (PMCs) available in modern microprocessors can be from the one hand a valuable tool to enhance the safety of a system and, on the other hand, a security backdoor. Starting from the example of a PMC based safety mechanism, the paper shows the implementation of a possible attack and eventually proposes a strategy to mitigate the effectiveness of the attack while preserving the safeness of the system.

[1]  Lihui Wang,et al.  Cloud-Based Cyber-Physical Systems in Manufacturing , 2017 .

[2]  Ciprian-Radu Rad,et al.  Smart Monitoring of Potato Crop: A Cyber-Physical System Architecture Model in the Field of Precision Agriculture , 2015 .

[3]  Aditya P. Mathur,et al.  Aligning Cyber-Physical System Safety and Security , 2014, CSDM Asia.

[4]  Debdeep Mukhopadhyay,et al.  Performance Counters to Rescue: A Machine Learning based safeguard against Micro-architectural Side-Channel-Attacks , 2017, IACR Cryptol. ePrint Arch..

[5]  Henrik Theiling,et al.  Multi-core Interference-Sensitive WCET Analysis Leveraging Runtime Resource Capacity Enforcement , 2014, 2014 26th Euromicro Conference on Real-Time Systems.

[6]  Manfred A. Jeusfeld,et al.  CPS-based Threat Modeling for Critical Infrastructure Protection , 2017, SIGMETRICS Perform. Evaluation Rev..

[7]  Yutao Liu,et al.  CFIMon: Detecting violation of control flow integrity using performance counters , 2012, IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2012).

[8]  Massimo Violante,et al.  A Novel Method for Online Detection of Faults Affecting Execution-Time in Multicore-Based Systems , 2017, ACM Trans. Embed. Comput. Syst..

[9]  Debdeep Mukhopadhyay,et al.  Who Watches the Watchmen?: Utilizing Performance Monitors for Compromising Keys of RSA on Intel Platforms , 2015, CHES.

[10]  Ludovic Piètre-Cambacédès,et al.  Modeling safety and security interdependencies with BDMP (Boolean logic Driven Markov Processes) , 2010, 2010 IEEE International Conference on Systems, Man and Cybernetics.

[11]  Michail Maniatakos,et al.  ConFirm: Detecting firmware modifications in embedded systems using Hardware Performance Counters , 2015, 2015 IEEE/ACM International Conference on Computer-Aided Design (ICCAD).

[12]  Dzmitry Kliazovich,et al.  Profiling cloud applications with hardware performance counters , 2014, The International Conference on Information Networking 2014 (ICOIN2014).

[13]  Francisco J. Cazorla,et al.  High-Integrity Performance Monitoring Units in Automotive Chips for Reliable Timing V&V , 2018, IEEE Micro.

[14]  Joseph Bonneau,et al.  Cache-Collision Timing Attacks Against AES , 2006, CHES.

[15]  Trevor Mudge,et al.  MiBench: A free, commercially representative embedded benchmark suite , 2001 .

[16]  Daniel J. Bernstein,et al.  Cache-timing attacks on AES , 2005 .

[17]  Ingrid Verbauwhede,et al.  Exploiting Hardware Performance Counters , 2008, 2008 5th Workshop on Fault Diagnosis and Tolerance in Cryptography.