# Securing Accelerators with Dynamic Information Flow Tracking

**Authors:** Luca Piccolboni, Giuseppe Di Guglielmo, Luca Carloni

arXiv: 1903.06801 · 2019-03-19

## TL;DR

This paper demonstrates how accelerators can bypass dynamic information flow tracking (DIFT) security and proposes a hardware solution to restore DIFT's security guarantees with minimal performance and area impact.

## Contribution

It reveals the vulnerability of DIFT to accelerators and introduces a hardware-based method to secure DIFT in heterogeneous SoCs.

## Key findings

- Accelerators can break DIFT security.
- Hardware solutions can restore DIFT security.
- Low overhead hardware implementation is feasible.

## Abstract

Systems-on-chip (SoCs) are becoming heterogeneous: they combine general-purpose processor cores with application-specific hardware components, also known as accelerators, to improve performance and energy efficiency. The advantages of heterogeneity, however, come at a price of threatening security. The architectural dissimilarities of processors and accelerators require revisiting the current security techniques. With this hardware demo, we show how accelerators can break dynamic information flow tracking (DIFT), a well-known security technique that protects systems against software-based attacks. We also describe how the security guarantees of DIFT can be re-established with a hardware solution that has low performance and area penalties.

---
Source: https://tomesphere.com/paper/1903.06801