TREBIVETM: A TREe Based Integrity Verification Environment for Non-volatile Memory System

In view of the introduction of computer technologies into social infrastructure, computer security is rapidly emerging as a major real-world problem. Since control devices are left in physically insecure fields, the risk of physical attack is a greater concern than in the case of data center systems. In addition, non-volatile main memory technology may extend the threat because an attacker can easily manipulate and retrieve data stored in the memory. Much research has been done with a view to realizing secure processors with integrity tree verification, but no secure processor product with MMU capability has been commercialized so far. In this paper, TREBIVE, a TREe-Based Integrity Verification Environment, is proposed. It offers VMM-based memory integrity and confidentiality protection for existing COTS processors. A prototype VMM is constructed using ARM Cortex-A15 processors and quantitative analysis is performed using the Linux environment. The result shows a considerable amount of overhead, which is a concern. However, the results of experiments on SQLite queries support the view that the proposed method offers quicker response than whole DB image verification on existing systems. A target system model to mitigate the overhead is also proposed, in order to support robust disconnected operation of field devices.