A Survey of Hardware Improvements to Secure Program Execution

by Lianying Zhao, He Shuang, Shengjie Xu, Wei Huang, Rongzhen Cui, Pushkar Bettadpur and David Lie
Abstract:
Hardware has been constantly augmented for security considerations since the advent of computers. There is also a common perception among computer users that hardware does a relatively better job on security assurance compared to software. Yet, the community has long lacked a comprehensive study to answer questions such as how hardware security support contributes to security, what kind of improvements have been introduced to improve such support and what its advantages/disadvantages are. By generalizing various security goals, we taxonomize hardware security features and their security properties that can aid in securing program execution, considered as three aspects, i.e., state correctness, runtime protection and input/output protection. Based on this taxonomy, the survey systematically examines 1) the roles: how hardware is applied to achieve security; and 2) the problems: how reported attacks have exploited certain defects in hardware. We see that hardware’s unique advantages and problems co-exist and it highly depends on the desired security purpose as to which type to use. Among the survey findings are also that code as part of hardware (aka. firmware) should be treated differently to ensure security by design; and how research proposals have driven the advancement of commodity hardware features.
Reference:
Lianying Zhao, He Shuang, Shengjie Xu, Wei Huang, Rongzhen Cui, Pushkar Bettadpur and David Lie, “A Survey of Hardware Improvements to Secure Program Execution”, In ACM Computing Surveys (CSUR), 2024. (Author’s Copy. Published version is available at https://dl.acm.org/doi/10.1145/3672392.)
Bibtex Entry:
@article{lzhao:csur2024:secure-hardware,
	author = {Zhao, Lianying and Shuang, He and Xu, Shengjie and Huang, Wei and Cui, Rongzhen and Bettadpur, Pushkar and Lie, David},
	title = {A Survey of Hardware Improvements to Secure Program Execution},
	year = {2024},
	publisher = {Association for Computing Machinery},
	address = {New York, NY, USA},
	issn = {0360-0300},
	url = {https://security.csl.toronto.edu/wp-content/uploads/2024/06/lzhao_csur2024_secure_hardware.pdf},
	doi = {10.1145/3672392},
	abstract = {Hardware has been constantly augmented for security considerations since the advent of computers. There is also a common perception among computer users that hardware does a relatively better job on security assurance compared to software. Yet, the community has long lacked a comprehensive study to answer questions such as how hardware security support contributes to security, what kind of improvements have been introduced to improve such support and what its advantages/disadvantages are. By generalizing various security goals, we taxonomize hardware security features and their security properties that can aid in securing program execution, considered as three aspects, i.e., state correctness, runtime protection and input/output protection. Based on this taxonomy, the survey systematically examines 1) the roles: how hardware is applied to achieve security; and 2) the problems: how reported attacks have exploited certain defects in hardware. We see that hardware’s unique advantages and problems co-exist and it highly depends on the desired security purpose as to which type to use. Among the survey findings are also that code as part of hardware (aka. firmware) should be treated differently to ensure security by design; and how research proposals have driven the advancement of commodity hardware features.},
	journal = {ACM Computing Surveys ({CSUR})},
	month = jun,
	keywords = {Hardware Security Support, Trusted Execution Environments},
	comment = {Author's Copy. Published version is available <a href="https://dl.acm.org/doi/10.1145/3672392">here</a>.},
}