
Research On Memory Safe Embedded Processor Architecture Based On Metadata Parallel Processing

Posted on: 2022-08-08
Degree: Doctor
Type: Dissertation
Country: China
Candidate: J L Rao
Full Text: PDF
GTID: 1488306575951619
Subject: Microelectronics and Solid State Electronics

Abstract/Summary:
An embedded system is a special-purpose computer system built on modern computer technology and oriented to a particular application; its software and hardware modules can be tailored flexibly to user needs. It is characterised by a simple structure, low software and hardware resource requirements and a high degree of customisation, and it is widely used in fields such as medicine and health care, industrial automation, autonomous driving and consumer electronics. To keep system cost down, an embedded processor has limited hardware resources, and building a complex security mechanism into it is not feasible. Meanwhile, embedded software is generally written in memory-unsafe programming languages to improve performance, minimise memory footprint and retain direct control of the underlying hardware, at the expense of any memory access safety check. Attacks that exploit memory access vulnerabilities have therefore become a major form of attack against embedded systems: the entry points are wide, the preconditions are simple and the consequences are severe.

To improve the runtime memory safety of embedded systems while keeping hardware and software overhead low, this dissertation proposes a metadata parallelizing embedded processor architecture, studies the effects of the metadata parallelizing mechanism on processor hardware design and software programming, and on that basis designs and implements a typical 32-bit RISC processor with enhanced memory safety. The main contributions are as follows.

First, the dissertation describes an abstract memory access model with metadata and proves the effectiveness of metadata for implementing memory safety. A formal memory model following the programming language definition uses metadata to strictly define the target memory state space of each access operation; the safety of accesses to the unbounded memory model under metadata constraints is then proved in a formal reasoning system. These results are further refined and implemented on an abstract processor model with bounded memory space, where it can be proved that instructions can only modify the target memory state defined by the program, which is exactly what memory safety requires. This work provides the theoretical basis for the metadata parallelizing architecture that follows.

Second, a metadata parallelizing architecture is proposed by introducing a metadata system into an existing general-purpose embedded processor architecture, and its effectiveness in improving memory safety is validated. The effects of metadata storage and parallel processing on processor software and hardware design are studied in depth, including the definition, structure and organization of temporal, spatial and type metadata; a dedicated metadata register file and instruction set extensions that support instruction-level data isolation and safety checks in user mode; and a complete metadata programming interface. Evaluation shows that the proposed metadata parallelizing embedded processor accurately detects every available attack vector in the RIPE (Runtime Intrusion Prevention Evaluator) memory safety test set, which effectively improves runtime memory safety, but the metadata also introduces average memory space and memory access overheads of 10.93% and 227.82% respectively.

Third, the metadata memory space and access overheads are reduced through architectural enhancements: aggregating the representation range of temporal metadata, exploiting inter-field information redundancy in spatial metadata and reusing encoding bits, widening the processor data path, and designing metadata-aware memory access control units with hierarchical metadata caches. These optimizations bring the metadata memory space and access overheads down to 7.78% and 5.50%.

Fourth, a software-defined metadata structure and processing rules are proposed so that the safety mechanism can be customized on demand. By decoupling the hardware implementation of the metadata processing unit from the definition of the metadata contents, and by supporting programmable security rules, an architect can selectively implement known mechanisms or design new ones according to the security goals at hand. This improves the flexibility and scalability of security mechanism design.

Fifth, following an ASIP design flow, a memory-safe embedded processor named RV5Z is designed and implemented, with a 5-stage in-order pipeline based on the RV32IM instruction set and the metadata parallelizing architecture. Functional coverage of the instruction set is closed, and the effects of the metadata extensions on hardware and software are analysed in depth. Evaluation on MiBench shows that, on average, program code size increases by 4.96%, data size by 7.79%, the corresponding data memory access latency by 1.63% and total program cycles by 4.71%, which is at the same level as existing leading solutions. Synthesis results on TSMC 28 nm technology confirm that it adds only 26.09% hardware logic, whereas existing solutions add 39.04% to 110%; the achievable frequency is 587 MHz, a degradation of only 1.17%. Compared with available hardware memory safety solutions, the RV5Z processor strikes a better balance between software and hardware overhead while supporting flexible and scalable security mechanisms.

The work presented in this dissertation has both theoretical and practical significance for the exploration and implementation of secure embedded processor architectures.
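The metadata model behind the second and fourth contributions, as an added worked example (not code from the dissertation or the RV5Z project): a word-addressed toy memory keeps a metadata word beside every data word, each pointer carries a metadata register holding spatial bounds, a temporal generation and a type tag, and every load and store is routed through a software-selectable check rule. The field names and widths, the alloc_obj/release_obj/set_rule interface and the three replayed bugs are assumptions made for illustration, not RV5Z's actual metadata encoding or instruction set extension.

```c
#include <stdint.h>
#include <stdio.h>

/* Toy metadata-parallel memory model (added example; names, widths and the
 * rule interface are assumptions, not the RV5Z encoding). Every data word has
 * a metadata word beside it, and every pointer register has a metadata
 * register that says what the pointer may touch. */
#define MEM_WORDS 64

enum type_tag { T_INT = 1, T_PTR = 2, T_FN = 3 };
typedef enum { OK = 0, ERR_SPATIAL = 1, ERR_TEMPORAL = 2, ERR_TYPE = 3 } fault_t;

typedef struct {            /* per-word metadata, stored in parallel with data */
    uint8_t gen;            /* temporal: generation of the live allocation (0 = free) */
    uint8_t type;           /* type metadata of the word */
} word_meta_t;

typedef struct {            /* metadata register accompanying a pointer register */
    uint32_t base, bound;   /* spatial: the pointer may access words [base, bound) */
    uint8_t  gen;           /* temporal: generation the pointer was derived from */
    uint8_t  type;          /* type the pointer expects to find */
} ptr_meta_t;

static uint32_t    mem[MEM_WORDS];
static word_meta_t meta[MEM_WORDS];
static uint8_t     gen_counter;     /* toy: 8-bit, no wrap handling */

/* Software-defined rule: the check unit calls whichever rule was installed
 * through the (hypothetical) metadata programming interface. The bound on
 * MEM_WORDS mirrors the refinement from unbounded to finite memory. */
typedef fault_t (*rule_fn)(const ptr_meta_t *p, uint32_t addr);

static fault_t full_rule(const ptr_meta_t *p, uint32_t addr) {
    if (addr >= MEM_WORDS || addr < p->base || addr >= p->bound)
        return ERR_SPATIAL;                                 /* overflow */
    if (meta[addr].gen != p->gen)   return ERR_TEMPORAL;    /* use-after-free */
    if (meta[addr].type != p->type) return ERR_TYPE;        /* type confusion */
    return OK;
}
static fault_t spatial_only_rule(const ptr_meta_t *p, uint32_t addr) {
    return (addr >= MEM_WORDS || addr < p->base || addr >= p->bound) ? ERR_SPATIAL : OK;
}
static rule_fn active_rule = full_rule;
void set_rule(rule_fn r) { active_rule = r ? r : full_rule; }

/* Allocate n words of type t at a fixed base (no allocator in the toy): mint a
 * fresh generation and write the metadata beside the data. */
ptr_meta_t alloc_obj(uint32_t base, uint32_t n, uint8_t t) {
    ptr_meta_t p = { base, base + n, ++gen_counter, t };
    for (uint32_t a = base; a < p.bound && a < MEM_WORDS; a++) {
        mem[a] = 0;
        meta[a].gen = p.gen;
        meta[a].type = t;
    }
    return p;
}

/* Release clears the generation, so every stale pointer mismatches from now on. */
void release_obj(const ptr_meta_t *p) {
    for (uint32_t a = p->base; a < p->bound && a < MEM_WORDS; a++) meta[a].gen = 0;
}

/* Checked load/store: the metadata check runs alongside the data access. */
fault_t load_word(const ptr_meta_t *p, uint32_t addr, uint32_t *out) {
    fault_t f = active_rule(p, addr);
    if (f == OK) *out = mem[addr];
    return f;
}
fault_t store_word(const ptr_meta_t *p, uint32_t addr, uint32_t val) {
    fault_t f = active_rule(p, addr);
    if (f == OK) mem[addr] = val;
    return f;
}

/* Replay three classic bugs; pack each fault code as a decimal digit:
 * hundreds = off-by-one overflow, tens = use-after-free, units = bad cast. */
int replay_bugs(void) {
    uint32_t v;
    ptr_meta_t buf = alloc_obj(0, 4, T_INT);
    if (store_word(&buf, 3, 42) != OK) return -1;      /* last valid word: fine */
    int overflow = store_word(&buf, 4, 7);             /* one past the end */
    release_obj(&buf);
    ptr_meta_t reuse = alloc_obj(0, 4, T_INT);         /* same memory, new generation */
    (void)reuse;
    int dangling = load_word(&buf, 0, &v);             /* through the stale pointer */
    ptr_meta_t code = alloc_obj(8, 2, T_FN);
    ptr_meta_t as_int = code;
    as_int.type = T_INT;                               /* unchecked cast */
    int cast = load_word(&as_int, 8, &v);
    return overflow * 100 + dangling * 10 + cast;
}

/* All checks on: every bug faults (123). Spatial-only rule: just the overflow
 * faults (100), showing that protection scope is a policy choice, not fixed. */
int demo_full(void) { set_rule(full_rule); return replay_bugs(); }
int demo_spatial_only(void) {
    set_rule(spatial_only_rule);
    int r = replay_bugs();
    set_rule(full_rule);
    return r;
}

int main(void) {
    printf("full rule: %03d, spatial-only rule: %03d\n", demo_full(), demo_spatial_only());
    return 0;
}
```

The two demo functions are the point of the fourth contribution in miniature: the same data path and the same metadata serve both a full spatial/temporal/type policy and a cheaper spatial-only one, selected in software. The toy ignores what the dissertation optimizes next: an 8-bit generation counter wraps quickly and the per-word metadata roughly doubles memory, which is the space overhead that aggregation of temporal metadata ranges and spatial field compression are meant to reduce.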
Keywords/Search Tags: Embedded processor, Metadata parallel processing, Memory safety, Software defined metadata system, Scalable security mechanism, ASIP design