Abstract
Researchers at the University of Central Florida have designed
a hardware-only system that can recover integrity-protected non-volatile
memories (NVMs) faster and more cost-efficiently than other memory recovery/controller
technologies. Called Anubis, the UCF ultra-low overhead and recovery time device
seamlessly integrates with secure and integrity-protected systems to recover NVMs
and resolve inconsistencies between data and metadata after a cache miss
(power loss or system crash). Other technologies lack this fast, comprehensive
approach to NVM recovery.
Existing controller technologies require several hours and
high overhead to recover and verify NVMs secured by integrity schemes such as
non-parallelizable Merkle trees or parallelizable ones (similar to complicated
Intel® SGX-style trees). In contrast, UCF's Anubis system can speed up the recovery
of secure NVMs by a factor of almost 10^7 (for example, from 8 hours down to 0.03
seconds) using less overhead. More importantly, Anubis provides added security
and recoverability by persistently tracking data and metadata. This enables the
system to quickly evaluate/rebuild multiple levels of a tree or interlevel
dependent trees whenever a cache miss occurs.
Technical Details
The invention is a memory system comprising a memory
controller and an integrity-protected NVM device that contains a shadow tracker
region. In one example application of the system, the memory controller
persistently tracks the addresses of Merkle tree counter and memory blocks in
the secure metadata cache. To do this, the controller accesses a shadow counter
table and a shadow Merkle tree table within the shadow tracker region of the
NVM. Since the addresses only change when a cache miss occurs, the overhead required to track them in memory is minimal. Therefore, the system only has to rebuild the
affected parts of the secure metadata cache associated with the
persistent addresses in the NVM device. Anubis removes the memory size barrier
in recovery time and makes the recovery time a function of counter cache and
Merkle tree cache size. An evaluation of performance overhead shows that, on average, Anubis
reduces the performance overhead from 63 percent to approximately 3.4 percent.
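The tracking idea described in this section, as an added Python model (not code from this page or from the Anubis authors): a write-back counter cache records each slot's address in a persistent shadow table only on a miss, so recovery re-verifies at most one address per cache slot regardless of memory size. The class and method names, the LRU policy and the constructed trace are assumptions of this sketch, and the Merkle tree itself is not modeled.

```python
# Added sketch: toy write-back counter cache with a persistent shadow table.
# All names are hypothetical; this models the idea, not the Anubis hardware.
from collections import OrderedDict

class Controller:
    def __init__(self, mem_blocks, cache_slots):
        self.nvm_counters = [0] * mem_blocks   # persistent, may be stale
        self.shadow = [None] * cache_slots     # persistent: slot -> address
        self.cache = OrderedDict()             # volatile: addr -> (slot, counter)
        self.free = list(range(cache_slots))
        self.shadow_writes = 0

    def write(self, addr):
        """A data write bumps the block's counter in the volatile cache."""
        if addr in self.cache:                 # hit: shadow table untouched
            slot, ctr = self.cache.pop(addr)
        else:                                  # miss: the slot changes owner
            if self.free:
                slot = self.free.pop()
            else:                              # evict LRU, write its counter back
                victim, (slot, vctr) = self.cache.popitem(last=False)
                self.nvm_counters[victim] = vctr
            ctr = self.nvm_counters[addr]
            self.shadow[slot] = addr           # the only persistent tracking write
            self.shadow_writes += 1
        self.cache[addr] = (slot, ctr + 1)     # most recently used goes last

    def crash(self):
        """Power loss: report which NVM counters are stale, then drop the cache."""
        stale = {a for a, (_, c) in self.cache.items()
                 if c != self.nvm_counters[a]}
        self.cache.clear()
        return stale

    def recovery_set(self):
        """Addresses recovery must re-verify, read from the shadow table only."""
        return {a for a in self.shadow if a is not None}

def run(mem_blocks, cache_slots, trace):
    mc = Controller(mem_blocks, cache_slots)
    for addr in trace:
        mc.write(addr)
    stale = mc.crash()
    return stale, mc.recovery_set(), mc.shadow_writes

# Constructed trace: a hot set, a burst of cold blocks, then a smaller hot set.
TRACE = [1, 2, 3] * 20 + [7, 8, 9] + [1, 2] * 10

if __name__ == "__main__":
    for size in (16, 1_000_000):
        stale, tracked, writes = run(size, 4, TRACE)
        print(size, sorted(stale), sorted(tracked), writes, "of", len(TRACE))
```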
Benefit
Low cost
Significantly reduces overhead and provides near-zero recovery time
Can be seamlessly integrated into secure and integrity-protected systems, including Intel® SGX
Requires only minor changes in the memory controller
Market Application
Data servers
Processors in high-availability servers
Publications
Anubis: Ultra-Low Overhead and Recovery Time for Secure Non-Volatile Memories
Proceedings of the 46th International Symposium on Computer Architecture, ISCA ’19, June 22–26, 2019, Phoenix, AZ, USA. Association for Computing Machinery
Computer Engineering Researcher Focuses on Designing Secure Architectures