Nowadays, embedded devices are increasingly present in everyday life, often controlling and processing critical information. For this reason, these devices make use of cryptographic protocols. However, embedded devices are particularly vulnerable to attackers seeking to hijack their operation and extract sensitive information. Code-Reuse Attacks (CRAs) can steer the execution of a program to malicious outcomes, leveraging existing on-board code without direct access to the device memory. Moreover, Side-Channel Attacks (SCAs) may reveal secret information to the attacker based on mere observation of the device. In this paper, we are particularly concerned with thwarting CRAs and SCAs against embedded devices, while taking into account their resource limitations. Fine-grained code diversification can hinder CRAs by introducing uncertainty to the binary code; while software mechanisms can thwart timing or power SCAs. The resilience to either attack may come at the price of the overall efficiency. Moreover, a unified approach that preserves these mitigations against both CRAs and SCAs is not available. This is the main novelty of our approach, Secure Diversity by Construction (SecDivCon); a combinatorial compiler-based approach that combines software diversification against CRAs with software mitigations against SCAs. SecDivCon restricts the performance overhead in the generated code, offering a secure-by-design control on the performance-security trade-off. Our experiments show that SCA-aware diversification is effective against CRAs, while preserving SCA mitigation properties at a low, controllable overhead. Given the combinatorial nature of our approach, SecDivCon is suitable for small, performance-critical functions that are sensitive to SCAs. SecDivCon may be used as a building block to whole-program code diversification or in a re-randomization scheme of cryptographic code.

翻译：如今，嵌入式设备日益普及于日常生活中，常承担关键信息的控制与处理任务。因此，这类设备广泛采用密码协议。然而，嵌入式设备极易受到试图劫持其运行并窃取敏感信息的攻击者威胁。代码重用攻击（CRAs）可通过利用设备上现有代码（无需直接访问设备内存）将程序执行导向恶意结果。此外，侧信道攻击（SCAs）可能仅通过观察设备行为便向攻击者泄露机密信息。本文特别关注在考虑嵌入式设备资源限制的前提下，抵御CRAs与SCAs的方法。细粒度代码多样化可通过向二进制代码引入不确定性来阻碍CRAs；而软件机制则可抑制时序或功耗型SCAs。抵御任一攻击的代价可能牺牲整体效率，且目前尚无统一方案能同时维持针对两类攻击的缓解措施。我们提出的方案——通过构造实现安全多样性（SecDivCon）——正是这一创新所在：这是一种基于编译器的组合方法，将针对CRAs的软件多样化与针对SCAs的软件缓解措施相结合。SecDivCon通过限制生成代码的性能开销，实现了对性能-安全性权衡的“安全设计”控制。实验表明，感知侧信道的多样化既能有效抵御CRAs，又能以低且可控的开销保持SCA缓解特性。鉴于其组合特性，SecDivCon适用于对侧信道敏感的小型性能关键型函数。该方案可作为全程序代码多样化的构建模块，或用于密码代码的重新随机化方案中。