embSFI
Software Fault Isolation (SFI) is a technique to sand- box software components based on transformation and checks on the assembly code level. In this way, software components can only access memory within specific fault domains. embSFI applies selected SFI techniques to embedded systems in order to increase dependability and security, complementing or replacing a memory management unit. embSFI approach is designed to use SFI techniques which can be validated efficiently, even on embedded devices. Furthermore, we show that the overhead in performance is low, however depending on the scenario.
News
Validator & Loader Version 0.1.1
- To make testing easier qemu-arm was added to the Makefile
- Some small bugfixes were made
Initial Version
The initial version was published exactly in time for the workshop CERTS- Initial version of validator and loader supporting parts of the ARMv7 A32 instruction set (no thumb)
- Modified Clang 3.7 to emit validateable ARM code
Download
llvm-clang-3.7.0-embSFI-0.1rc.tar.xz
validator-loader-embSFI-0.1.1rc.tar.xz
Instructions
Compile the compiler
Download the compiler modified for embSFI(llvm-clang-3.7.0-embSFI-0.1rc) and extract it. Then compile it like the unmodified compiler:
cd llvm-embsfi
mkdir build
cd build
cmake -DCMAKE_BUILD_TYPE=Release ..
make -j 5 clang
Remember the binary build/bin/clang for later use.
Compile the loader and validator
Download the validator and loader sourecode. Change into the directory and change the path to the clang binary in the Makefile. Then enter make test. This compiles the ELF-Loader and the embSFI validator. It also compiles a simple commandline program that loads and validates applications and is used like ./mainCLI application.o. The test makefile command also compiles the small test application minitest and hands it to mainCLI
Run on x86 with emulated qemu-arm
Download an arm cross compiler gnu toolchain for linux to create a linux binary for arm. It can be found for exmaple at linaro. Then in the Makefile set the cross compiler like:
CROSSTOOLCHAIN=/path/to/gcc-linaro-6.3.1-2017.05-x86_64_arm-linux-gnueabihf/
CC=$(CROSSTOOLCHAIN)/bin/arm-linux-gnueabihf-gcc -Os -marm
Now you need to install qemu which is available in most repos.
Then execute make emulatedtest which should start qemu-arm with the compiled program.
Use other test application
...
Benchmark
To measure the run time and memory performance real world applications or benchmarks can be used.
One simple to use benachmark is the MiBench suite.
For first benchmarking the qsort and bitcount benchmark from the automotive MiBench was used.
In order to get the benchmark running remember that everything at the end must be in one single relocatable without any library dependencies and compiled with the embsfi clang/llvm compiler.
This can be achieved for example using single files from the newlib implementation of the standard library like qsort.c and compile them as described above.
bitcount
The MiBench bitcount example once compiled with normal clang 3.7 and once with embSFI modified. First the run time in microseconds and then the binary size
qsort
The big qsort MiBench with 5000 words being sorted using qsort from newlib
About
The project was started during a master thesis at TU München under advisor Oliver Horst and supervisor Christian Prehofer in the environment of fortiss. After the thesis a paper was published at the CERTS16 workshop about the topic from the fortiss institute which integrated the work into a bigger environment.
Impressum
Andreas Ruhland
Von-Puech-Str. 11
85435 Erding
feedback@embsfi.de