Cite this article:
- ZHANG Weichao, WEI Yumeng, WANG Peng, SHAO Xinhui, WANG Yan, LIU Feng. sCFI: Sporadic control-flow integrity protection on ARM Cortex-M [J]. Journal of Cyber Security, accepted. (translated from the Chinese citation)
- ZHANG Weichao, WEI Yumeng, WANG Peng, SHAO Xinhui, WANG Yan, LIU Feng. sCFI: Sporadical CFI protection on ARM Cortex-M [J]. Journal of Cyber Security, accepted.

sCFI: Sporadic Control-Flow Integrity Protection on ARM Cortex-M (translated from the Chinese version)
ZHANG Weichao 1, WEI Yumeng 2, WANG Peng 3, SHAO Xinhui 2, WANG Yan 4, LIU Feng 4

(1. Institute of Information Engineering, Chinese Academy of Sciences; School of Cyber Security, University of Chinese Academy of Sciences. 2. Southeast University. 3. Institute of Information Engineering, Chinese Academy of Sciences. 4. Institute of Information Engineering, Chinese Academy of Sciences; School of Cyber Security, University of Chinese Academy of Sciences)

Abstract (translated from the Chinese):
With the continuing development of the Internet of Things (IoT), the security of embedded systems, especially those written in unsafe languages such as C/C++, has become a key concern in both academia and industry. These languages lack type and memory safety, leaving embedded systems vulnerable to control-flow hijacking attacks. Control-flow integrity (CFI) is a promising defense, but existing protection schemes designed for general-purpose operating systems are not suited to the typical resource-constrained embedded environment. To address this, we propose a backward-edge control-flow protection scheme for ARM Cortex-M processors, Sporadical CFI (sCFI). sCFI introduces a shadow-stack design based on ARM TrustZone-M, consisting of a TrustZone-M-based shadow stack and an LLVM instrumentation prototype compiler; it protects only the return addresses of the functions the developer deems in need of protection, and randomizes the stack-frame addresses of those functions. By isolating the shadow stack in the secure region of ARM TrustZone and verifying return addresses through the MSP_NS/PSP_NS registers, sCFI guarantees the control-flow integrity of critical functions at the overhead the developer expects. The LLVM instrumentation prototype compiler lets developers select specific functions or source files, balancing performance against security. Experimental evaluation shows that, under the default policy, sCFI introduces maximum average runtime overheads of 6.649% and 5.317% on 25 benchmarks from BEEBS and CoreMark respectively, demonstrating its effectiveness and practicality for strengthening network security.
Keywords: Internet of Things; control-flow integrity; return-oriented programming
DOI:
Submitted: 2025-01-28; Revised: 2025-05-01
Funding:

sCFI: Sporadical CFI protection on ARM Cortex-M
ZHANG Weichao 1, WEI Yumeng 2, WANG Peng 3, SHAO Xinhui 2, WANG Yan 4, LIU Feng 4

(1. Institute of Information Engineering, Chinese Academy of Sciences; School of Cyber Security, University of Chinese Academy of Sciences. 2. Southeast University. 3. Institute of Information Engineering, Chinese Academy of Sciences. 4. Institute of Information Engineering, Chinese Academy of Sciences; School of Cyber Security, University of Chinese Academy of Sciences)
Abstract:
With the continuous development of the Internet of Things (IoT), the security of embedded systems, especially those written in unsafe languages such as C/C++, has become a critical concern in both academic and industrial circles. These programming languages inherently lack type and memory safety features, which makes embedded systems highly vulnerable to control flow hijacking attacks. Control Flow Integrity (CFI) has emerged as a promising defense mechanism to mitigate such attacks. However, existing general-purpose operating system protection solutions are not well suited to typical resource-constrained embedded system environments, where hardware and software resources are limited. To address this gap, we propose a novel solution for backward control flow protection targeting ARM Cortex-M processors: Intermittent Control Flow Integrity (Sporadical CFI, sCFI). The sCFI approach introduces a shadow stack mechanism based on ARM TrustZone-M, consisting of a TrustZone-M-based shadow stack and an LLVM instrumentation prototype compiler. The key innovation of sCFI is that it protects only the return addresses of those functions that the developer identifies as needing protection. Additionally, sCFI randomizes the stack frame addresses of these specific functions, further enhancing security. By isolating the shadow stack within the secure area of ARM TrustZone and verifying the return addresses using the MSP_NS/PSP_NS registers, sCFI ensures the integrity of the control flow for critical functions while maintaining minimal overhead in line with the developer's expectations. Moreover, the LLVM instrumentation prototype compiler enables developers to selectively protect particular functions or source files, offering a flexible way to balance performance and security. This approach allows for more fine-grained control over the security features, making it easier to tailor the protection mechanisms to the specific needs of the system.
Experimental evaluations indicate that, based on the default strategy, sCFI introduces a maximum average runtime overhead of 6.649% and 5.317% in 25 benchmark tests from BEEBS and CoreMark, respectively. These results validate the effectiveness and practicality of sCFI in enhancing the security of embedded systems, particularly in the context of IoT networks.
Key words: Internet of Things; Return-Oriented Programming; Control Flow Integrity
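The backward-edge check the abstract describes (a shadow stack kept out of the non-secure world's reach, and the return address in the frame compared against the saved copy before the function returns) can be illustrated with a host-side simulation. The C program below is an added example, not the authors' sCFI implementation: the secure-gateway entry points `sg_shadow_push` and `sg_shadow_check_pop`, the frame layout, and the fact that the saved return address is passed to the check as an argument (on hardware the secure side would locate the non-secure frame through MSP_NS/PSP_NS) are assumptions, and the stack-frame randomization the paper mentions is not modelled. It shows a benign call passing the check and a write that runs past a buffer into the saved link register being flagged before the corrupted return address is used.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Host-side simulation of a TrustZone-M-isolated shadow stack (constructed
   example). On hardware this array would live in secure-world memory that
   non-secure code cannot read or write. */
#define SHADOW_DEPTH 64
static uintptr_t shadow_stack[SHADOW_DEPTH];
static size_t shadow_top = 0;
static unsigned cfi_violations = 0;

/* Stand-in for the secure-gateway entry an instrumented prologue calls:
   save the return address the protected function was entered with. */
int sg_shadow_push(uintptr_t return_address)
{
    if (shadow_top >= SHADOW_DEPTH)
        return -1;                      /* shadow stack exhausted */
    shadow_stack[shadow_top++] = return_address;
    return 0;
}

/* Stand-in for the secure-gateway entry an instrumented epilogue calls.
   Compares the return address found in the non-secure frame with the saved
   copy; any mismatch (or unmatched epilogue) counts as a CFI violation. */
bool sg_shadow_check_pop(uintptr_t frame_return_address)
{
    if (shadow_top == 0) {
        cfi_violations++;
        return false;
    }
    uintptr_t expected = shadow_stack[--shadow_top];
    if (expected != frame_return_address) {
        cfi_violations++;
        return false;
    }
    return true;
}

unsigned cfi_violation_count(void) { return cfi_violations; }
size_t shadow_depth(void) { return shadow_top; }

/* Simulated non-secure stack frame of a protected function: a fixed buffer
   followed by the saved link register, as a real frame would hold it. */
struct frame {
    unsigned char buf[16];
    uintptr_t saved_lr;
};

/* A function compiled with sCFI-style instrumentation: the prologue pushes
   LR to the shadow stack, the epilogue checks the LR in the frame before
   returning. The copy is bounded by the whole frame rather than by buf,
   modelling a memory-safety bug whose write can reach saved_lr. */
bool protected_function(uintptr_t lr, const unsigned char *input, size_t len)
{
    struct frame f;
    memset(&f, 0, sizeof f);
    f.saved_lr = lr;
    sg_shadow_push(f.saved_lr);

    if (len > sizeof f)
        len = sizeof f;
    memcpy(&f, input, len);             /* runs past buf when len > 16 */

    return sg_shadow_check_pop(f.saved_lr);
}

/* Drive one benign and one overflowing call. Returns true when the benign
   call passes the check, the overflowing call is flagged, and the shadow
   stack is balanced afterwards. */
bool run_demo(void)
{
    const uintptr_t lr = 0x08001235u;   /* constructed Thumb return address */
    unsigned char benign[4] = { 'p', 'i', 'n', 'g' };
    unsigned char overflow[sizeof(struct frame)];
    memset(overflow, 'A', sizeof overflow);

    bool ok = protected_function(lr, benign, sizeof benign);
    bool flagged = !protected_function(lr, overflow, sizeof overflow);
    return ok && flagged && shadow_depth() == 0;
}

int main(void)
{
    return run_demo() ? 0 : 1;
}
```

Only functions that call the gateway pair are checked, which is what makes the scheme selective: a function the developer leaves uninstrumented costs nothing and receives no protection, and the per-function choice is where the overhead figures in the abstract come from.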