Efficient Control Flow Attestation by Speculating on Control Flow Path Representations
Liam Tyler, Adam Caulfield, Ivan De Oliveira Nunes
TL;DR
This paper introduces RESPEC-CFA, an architectural extension for control flow attestation that significantly reduces log sizes by speculating on control flow locality and encoding, enhancing practicality.
Contribution
RESPEC-CFA is a novel extension that enables speculation on control flow locality and Huffman encoding, drastically reducing control flow log sizes for more practical CFA.
Findings
CFlog sizes reduced by up to 90.1% with RESPEC-CFA.
Combined with prior methods, reductions reach up to 99.7%.
RESPEC-CFA advances practical control flow attestation.
Abstract
Control Flow Attestation (CFA) allows remote verification of run-time software integrity in embedded systems. However, CFA is limited by the storage/transmission costs of generated control flow logs (CFlog). Recent work has proposed application-specific optimizations by speculating on likely sub-paths in CFlog and replacing them with reserved symbols at runtime. Albeit effective, prior approaches do not consider the representation of addresses in a control flow path for speculation. This work proposes RESPEC-CFA, an architectural extension for CFA allowing for speculation on (1) the locality of control flows and (2) their Huffman encoding. Alone, RESPEC-CFA reduces CFlog sizes by up to 90.1%. Combined with prior methods, RESPEC-CFA yields reductions of up to 99.7%, representing a significant step toward practical CFA.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsSecurity and Verification in Computing · Adversarial Robustness in Machine Learning · Formal Methods in Verification