AdapTimer: Hardware/Software Collaborative Timer Resistant to Flush-Based Cache Attacks on ARM-FPGA Embedded SoC

ARM-FPGA embedded SoCs have been widely used in the fields of drones, embedded and IoT devices due to its high performance and hardware design flexibility. However, ARM-FPGA embedded SoC suffers various types of security threats, one of which is flush-based cache attack. The proposed defense schemes either lead to a high false positive rate or a large performance loss. Due to the importance of high resolution time APIs in the system, schemes that permanently reduce the resolution of time APIs can only be implemented in specific applications such as browsers. Moreover, the method of protecting high resolution timers in software cannot defend against an attacker with root privileges. In this paper, we propose a more secure timer which is a hardware/software co-design on ARM-FPGA embedded SoC. When a software process calls the flush operation, the timer adaptively reduces its resolution and recover after a short period of time. In the case that the flush operation is not called, the impact of the timer on system performance is almost negligible. This hardware/software co-design guarantees the availability of a high resolution time API while defend against attackers with root privileges. The results of the attack experiments show that the success rates of Flush+Reload and flush-based Spectre attacks can be reduced to less than 1% when using the timer. Performance test results show that the timer access latency is 9.5% slower than the fastest PMCCNTR but 5% faster than the global timer of Cortex-A9 MPCore. The modified flush operation API for the design only increases the time consumption by about 12%.