# Partial Recovery of Secure Non-Volatile Main Memories

Samuel Thomas, Tamara Lehman, R. Iris Bahar, Joseph Izraelevitz

# Background



# Background

Bonsai Merkle Tree



# Background

**Threat Model** 

- Everything off-chip is untrusted
- The memory bus may be snooped
- Memory packets may be replayed
- Memory contents may be scanned
- Memory contents may be tampered with

Integrity-Checking Algorithm

- 1. If the state of memory is ahead of the Merkle Tree state, use prior work to match the states
- 2. Reconstruct the Merkle Tree
- 3. Compare the "computed root" with the root stored on-chip
  - 1. If the roots are the same, then restore the system
  - 2. Otherwise, the system is unrecoverable. Panic.

### The Problem

- Non-volatile memories are an increasingly likely candidate to replace DRAM as main memory of commodity systems
- By retaining memory state after power-off, NVMMs are subject to a wider array of attacks than traditional DRAMs
- Counter-mode encryption can secure main memory and allow for integrity checking mechanisms, but integrity checks are slow – antithetical to fast power-on

# Our Goals

- Partial and lazy recovery of counter-mode encryption-based integrity checking procedures
- Ability to backup non-corrupted memory
- Fast recovery of important code
- Fail-fast of corrupted code

#### **Assumed Architecture**



K. Abu Zubair and A. Awad, "Anubis: Low-overhead and practical recov- ery time for secure non-volatile memories," in *International Symposium on Computer Architecture (ISCA)*, 2019.

# Our Focus



# Our Focus















# Methodology

- We are going to extend the memory controller device class in gem5
- We want to ensure that the runtime doesn't suffer too much overhead
- We will measure recovery time after crash with a variety of implementations

#### **Questions Raised**

Root

- Tradeoff between recoverable memory versus time to recover
- On-chip transaction for nonvolatile tree node cache
- How to ensure that important software is always in the on chip "node domain"

# Thank you for your time!