Contemporary devices rely on an increasing amount of software to implement their respective functionality. Hence, the software including its correct execution are key assets in modern systems. A huge portfolio of attack techniques, ranging from remotely mountable software attacks to local attacks that utilize physical access, endanger these assets and need to be mitigated. However, countermeasures deployed in current systems mainly focus on the prevention of pure software attacks. Attack types that (locally or remotely) exploit physical properties of a device are often neglected although they are applicable to mobile devices and threaten software in the emerging cloud computing, IoT, and Industry 4.0 contexts. The exploitation of side-channels (e.g., timing, power) and fault injection are two prominent examples of physical attacks. Unfortunately, modern processor architectures provide basically no support for protecting software against such physical attacks.
In this thesis, we work towards fixing this shortcoming of current architectures and present several novel techniques that enable secure software execution in the context of physical attacks. In particular, to protect the code, we showcase two hardware-supported Control-Flow Integrity (CFI) schemes which enforce that executed instructions are genuine and in correct sequence. Both techniques have been implemented in real processor designs, come with appropriate toolchain support, and are tested in simulation and/or on actual FPGA/ASIC hardware. Additionally, building upon such CFI schemes, a novel software-only technique for remote attestation has been developed. The new technique effectively incorporates all common existing approaches and can further be used for online licensing.
In the domain of protecting data against illegal access and tampering, two approaches for improving the memory subsystem are part of this thesis. Firstly, an open-source hardware framework for building as well as researching transparent memory encryption and authentication modules is presented. This framework can be used to protect data and code against disclosure and tampering via physical attacks. Secondly, a novel approach for building randomized set-associative CPU caches has been devised. Caches following this design approach have similar performance as contemporary designs but are considerably harder to attack via timing side-channel attacks (e.g., cache attacks).