Meng Yu

Cache Security on ARM Meng Yu

ARM platform has been in both research and industry focus for recent years. Based on its energy-efficiency, open source and security design, it is an ideal platform to develop security frameworks for mobile devices. ARM TrustZone provides secure enclaves for developers and users, helping in some secure and private execution environments. However, just like some other platforms, ARM also has the threats of leakage private and secure information from side-channels. A side-channel is some way of getting information from collections of some types of data from the victims. Attackers collect data from energy usage, access time or even temperature change to analyze what the system might be working on. Cache on ARM devices are different from x86 platform, though both are vulnerable to side-channel attacks. This book will provide examples of FLUSH+RELOAD attack, which is one of the typical models for attackers. We also design and implement adaptive defense framework based on side-channel threats. Our design contains both feedback and adaptive FLUSH parts, balancing performance, overhead and security. In this book, we have experiments and theoretical discussions on this framework, and both experimental and theoretical discussion results are provided in this book. This book will help future researchers develop based on our theory and the framework can be developed better in the balance of security and performance. Besides these, we calculate the performance of FLUSH operations on ARM, cost of TrustZone related operations and other performance data of instructions and operations. The data will be helpful in theoretical discussion of future design with side-channel risks.