Design and Implementation of a Hardware Assisted Security Architecture for Software Integrity Monitoring

The increasing complexity of software and hardware layers makes them likely to include vulnerabilities. Recent research has shown that subtle attacks are able to successfully exploit (through compromised peripherals performing DMA attacks for instance) vulnerabilities in low-level software, even running in the most privileged mode of the processors. Therefore, the security of such systems should not be solely based on components running on the processor. This paper describes the design and the implementation of a security architecture that is designed to securely execute integrity checks of any software running on top of this architecture. It is composed of a security hypervisor, running in the most privileged level of the processor, assisted by a trusted hardware component, autonomous and independent of the processor, regularly checking the integrity of the security hypervisor itself. The design, the implementation of this security architecture, as well as experiments showing the relevance of our approach, are detailed in this paper.