An Analysis of Secure Processor Architectures

Security continues to be an increasingly important concern in the design of modern systems. Many systems may have security requirements such as protecting the integrity and confidentiality of data and code stored in the system, ensuring integrity of computations, or preventing the execution of unauthorized code. Making security guarantees has become even harder with the emergence of hardware attacks where the attacker has physical access to the system and can bypass any software security mechanisms employed. To this end, researchers have proposed Secure Processor architectures that provide protection against hardware attacks using platform features. In this paper, we analyze three of the currently proposed secure uniprocessor designs in terms of their security, complexity of hardware required and performance overheads: eXecute Only Memory (XOM), Counter mode encryption and Merkle tree based authentication, and Address Independent Seed Encryption and Bonsai Merkle Tree based authentication. We then provide a discussion on the issues in securing multiprocessor systems and survey one design each for Shared Memory Multiprocessors and Distributed Shared Memory Multiprocessors. Finally, we discuss future directions in Secure Processor research which have largely been ignored forming the weakest link in the security afforded by the proposed schemes, namely, Secure booting and Secure configuration. We identify potential issues which can serve to form the foundation of further research in secure processors.