[llvm-dev] Internship @ CEA Grenoble - France: Integrity and Confidentiality of Programs and Data for Embedded Systems
'Lionel MOREL' via llvm-dev
llvm-dev at lists.llvm.org
Tue Nov 14 06:38:05 PST 2017
Dear all,
We are looking for an MSc intern to work on program and data
confidentiality and integrity using LLVM and targeting the RISC-V
architecture. The internship will take place in the CEA Center in
Grenoble, at the heart of the French Alps.
Position is from February 2018 on and will be filled as soon as possible.
The candidate should have a strong background in software design and
compilation, and working knowledge about processor architecture. She/he
should be at ease with software methodologies and technologies,
including: C, C++, git, GNU/Linux. Prior experience of developments in
LLVM is a plus.
Please see below for a full description.
And contact damien.courousse at cea.fr and lionel.morel at cea.fr to apply.
Regards
LM
--
Lionel Morel
Research Engineer at CEA-LIST
DRT/LIST/DACLE/SCSN/LIALP
Laboratoire Infrastructures et Ateliers pour le Logiciel sur Puces
Commissariat à l’énergie atomique et aux énergies alternatives
MINATEC Campus | 17 rue des Martyrs | 38054 Grenoble Cedex 9
Tel : +33 (0)4 38 78 15 88
lionel.morel at cea.fr
Full Internship description :
Master's internship: Integrity and Confidentiality of Programs and Data
for Embedded Systems
at : CEA Grenoble, FRANCE
contact: Damien.Courousse at cea.fr, Lionel.Morel at cea.fr
see online:
http://www.cea.fr/emploi/Lists/Stages/StructuredDisplayForm.aspx?ID=114530
* Background
Physical attacks are the most efficient way to extract secret
information or to bypass security protections on embedded systems. The
attacker has the targeted platform in her hands, literally, so she can
directly observe the circuit's behaviour [1] (otherwise called
side-channel attacks), or she can perturb the system's functionality [2]
(otherwise called fault-injection attacks). The LIALP laboratory, which
is part of the CEA in Grenoble, develops an LLVM-based compilation
toolchain that automates the implementation of software counter-measures
against physical attacks. More precisely, we develop an original
software platform that makes it possible to improve the robustness of embedded
software against both fault-injection and side-channel attacks [3]. One
of the embedded protections relies on code polymorphism: the shape of
the secured code (in terms of the machine instructions being executed)
regularly changes while the functional properties are not altered. The
behavioral variability provided by this protection scheme drastically
lessens the likelihood of success of side-channel attacks.
Another line of attack consists in extracting the code of the target
platform and reverse-engineering it so as to identify the most effective
attack paths. Furthermore, reverse-engineering also lets an attacker
analyze the program's behavior. As such, it can be very useful for a
competitor to gain valuable knowledge about the software solution
deployed. To guarantee software confidentiality, encryption of the
program contents can be performed, making it impossible to read the
program content for whoever doesn't have the encryption key. The
program's instructions then need to be decrypted on the fly, as they
are executed by the processor. The LSOSP laboratory, also a part of the
CEA, has developed a specialized processor architecture that is able to
execute encrypted code without the code being exposed in clear in the
system's main memory [4].
To sum up, on one hand, software encryption brings confidentiality, but
the resulting program is still vulnerable to physical attacks. On the
other hand, programs protected with code polymorphism are protected
against physical attacks but not against reverse-engineering. The goal
of this work is to combine both approaches to increase the system's
security overall.
* Objectives: combining software encryption with code polymorphism
The objective of this internship is to set up a software solution that
combines code polymorphism with software encryption, in order to protect
programs against both physical attacks and reverse engineering. A
preliminary study has already been performed, which shows that it is
possible to combine effectively code polymorphism and code encryption:
it will serve as a basis for this work.
In this project, we will target the RISC-V architecture [5]. This
architecture, initially developed at the University of California, in
Berkeley, establishes a free and open-source Instruction Set
Architecture as well as several micro-architectural implementations.
RISC-V is particularly adapted to constrained embedded systems (e.g.
IoT) but it can also be used for more compute-hungry applications. It
presently raises the interest of many developers and is supported by an
increasingly large community. Many contributors both from the industry
and academia propose processor implementations and tools around RISC-V,
including backends for compilers like clang/LLVM and hardware simulation
tools (e.g. Instruction Set Simulators, ISS).
The tasks carried out by the student will be:
- to become familiar with tools available for the RISC-V architecture, in
particular compilers and ISSs;
- to set up the security solution proposed above;
- to experimentally validate the solution implemented. This will
consist in both performance evaluation and security characterization.
- if time permits, to propose improvements on the implementation, in
order to increase performance or enhance security.
* Candidate profile
The candidate should have a strong background in software design and
compilation, and working knowledge about processor architecture. She/he
should be at ease with software methodologies and technologies,
including: C, C++, git, GNU/Linux. Prior experience of developments in
LLVM is a plus.
The work is to be carried out in a multi-disciplinary context, so
cross-disciplinary curiosity is a plus.
* Work environment
The candidate will be supervised in a high quality research environment
that is developing innovative solutions at the intersection between
software and hardware. Results of the internship shall be considered for
publication in an international workshop or conference, if time permits.
Financial support is provided for this internship position. Knowledge
of French is not required.
* References
[1] https://en.wikipedia.org/wiki/Side-channel_attack
[2] https://en.wikipedia.org/wiki/Fault_injection
[3] D. Couroussé, T. Barry, B. Robisson, P. Jaillon, O. Potin, and
J.-L. Lanet, “Runtime Code Polymorphism as a Protection Against Side
Channel Attacks,” in 10th WISTP International Conference on Information
Security Theory and Practice, 2016, pp. 136–152.
[4] T. Hiscock, O. Savry, and L. Goubin, “Lightweight Software
Encryption for Embedded Processors,” in 2017 Euromicro Conference on
Digital System Design (DSD), 2017, pp. 213–220.
[5] https://riscv.org/