C5: Security in Invasive Computing Systems

Principal Investigators:

Prof. F. Freiling, Prof. W. Schröder-Preikschat, Prof. G. Snelting,
in cooperation with Mercator Fellow Prof. I. Verbauwhede

Scientific Researchers:

S. Bischof, F. Schirrmacher, F. Turan


Project C5 explores security aspects of invasive computing and resource-aware programming. We aim to ensure confidentiality, integrity and availability of the invasive computing system in the presence of untrustworthy programs that compete for resources and can contain malicious functionality, thereby closing a gap in the system architecture. Project C5 has been established within the second funding phase.

In the second funding phase, the groundwork for security concepts had to be laid: We began to devise the attacker model and define specific security properties for invasive applications. Specific to invasive computing, the attacker model comprises an absent or untrusted system layer accessing shared resources. We then devised several new mechanisms that achieved different levels of isolation at different architectural layers against attacker models with different assumption coverage: at the hardware layer (i.e. isolating applications running on the same core against system-level attackers), at the systems software layer (isolating memory abstractions against application-level attackers), and at the application layer (integrating security requirements as constraints into the invade phase of an invasive program).

In the third funding phase, we aim to pursue two main goals: (1) We wish to provide mechanisms that can reliably and provably enforce security properties that have been requested by applications at run time even if attacker assumptions are violated, thereby increasing the assumption coverage. (2) We plan to finally extend intra-tile to inter-tile security. The main idea that contributes to both goals is to combine static information flow control with remote attestation together with a hardware-based remote (and destructive) reset mechanism to check and (re-)enforce integrity of computations on remote tiles. Ideas specifically in the direction of goal 1 are heuristic run-time-monitoring approaches and static quantitative information flow analyses to detect information leaks within the invasive system. The second goal is specifically targeted by a novel application of memory encryption on inter-tile virtual shared memory.


The overall challenge is always that security is only as strong as the weakest link: Even though we have already gained many insights into security considerations on invasive computing systems, many challenges for security at different abstraction layers remain. Security holes can exist at the application layer, at the various software layers, and at the architecture layer down to the hardware layer. Security attacks can also take on many forms and shapes. All this needs to be taken into account.

Building upon the results of the second phase, we formulate two main goals for our investigations in the third phase:

  • Goal 1: Provide robust run-time monitoring and enforcement mechanisms for security properties to increase assumption coverage.
  • Goal 2: Extend intra-tile to inter-tile security for integrity and confidentiality.

The first goal aims at integrating the diverse solutions for the different layers that were developed in previous work. The choice of layer on which defensive techniques are placed critically depends on the attacker assumption. The choice of attacker assumption, however, is usually made by the system operator, who can misjudge the threat scenario. The idea we pursue is to develop solutions that enable the system to detect the violation of attacker assumptions and to enable more restrictive security techniques automatically. This is achieved through robust combinations of techniques already developed in the second phase or being developed in this or other projects of the SFB in the third phase. Overall, the probability of choosing the right attacker assumption (and therefore the assumption coverage) is increased.

The second goal is directed towards bootstrapping security from single tiles to multiple tiles. Regarding the hardware layer, the focus in the second phase has been to develop stand-alone solutions (individual cores) that can act as trust anchors in an invasive system. If strong attackers are present, it is not sufficient to maintain islands of security; ideally it should be possible to reset applications that do not obey their prescribed control flow from within the trust anchors. Ideally, the entire system can be brought into a well-defined state again.


We wish to explore possible combinations of multiple existing trusted computing solutions (those developed in the second phase and others) to form more powerful security mechanisms in heterogeneous multicore architectures. This approach is relevant to both goals formulated above. We now describe the main ideas and concepts behind our solutions.

One main thrust will be to compose solutions for control flow attestation with static information flow analysis to achieve a novel and strong form of information flow protection against strong adversaries. This idea contributes mainly to Goal 2 but also to Goal 1, since violations of integrity can then be remotely detected. Hardware-based mechanisms to remotely force misbehaving applications to recover from adversarial actions through a novel concept of destructive preemption are investigated as well. Techniques that ensure inter-tile integrity and thus support Goal 2 at the operating system level are explored, where virtual shared memory (VSM) is used to achieve inter-tile encryption, integrity and authorisation against intermediate-strength adversaries. At the same level, we wish to study run-time monitoring techniques that can heuristically detect confidentiality violations.

For example, we wish to introduce static information flow control (IFC) on the programming language level for invasive applications to guarantee confidentiality and integrity in close collaboration with C3. Here, confidentiality means that secret inputs do not influence public outputs, while integrity means that untrusted inputs cannot influence trusted behaviour. Our work will leverage the JOANA system, which uses a new, groundbreaking algorithm for probabilistic non-interference and provides IFC for full multithreaded Java (an X10 front end is in preparation).
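The noninterference property described above, as an added example that is not part of the project's own tooling: a small flow-sensitive checker over a constructed statement representation that flags both explicit flows (assigning a secret to a public output) and implicit flows (a public output that depends on a branch taken on a secret). JOANA works on program dependence graphs of full Java; this sketch only shows the property it enforces. The same two-point lattice serves both readings from the text: for confidentiality HIGH is "secret" and the sink is a public output, for integrity HIGH is "untrusted" and the sink is a trusted variable. All program fragments and labels are constructed.

```python
"""Added example: a minimal static information-flow check (noninterference).
The statement representation, lattice and sample programs are constructed
for illustration; this is not JOANA's algorithm."""
from dataclasses import dataclass, field
from typing import Dict, List, Set, Union

LOW, HIGH = 0, 1                 # two-point lattice, LOW <= HIGH
NAME = {LOW: "LOW", HIGH: "HIGH"}


@dataclass
class Assign:
    target: str
    sources: Set[str] = field(default_factory=set)   # variables read on the right-hand side


@dataclass
class If:
    cond: Set[str]                                   # variables read by the condition
    then: List["Stmt"]
    else_: List["Stmt"] = field(default_factory=list)


Stmt = Union[Assign, If]


def _label_of(vars_read: Set[str], env: Dict[str, int], pc: int) -> int:
    """Label of a value computed from vars_read while the program counter carries label pc."""
    lvl = pc
    for v in vars_read:
        lvl = max(lvl, env.get(v, LOW))
    return lvl


def _walk(stmts: List[Stmt], env: Dict[str, int], sinks: Dict[str, int],
          pc: int, out: List[str]) -> None:
    for s in stmts:
        if isinstance(s, Assign):
            lvl = _label_of(s.sources, env, pc)      # explicit flow plus the pc (implicit flow)
            if s.target in sinks and lvl > sinks[s.target]:
                out.append(f"{s.target} ({NAME[sinks[s.target]]} sink) receives {NAME[lvl]} data")
            env[s.target] = lvl
        else:
            branch_pc = _label_of(s.cond, env, pc)   # everything inside the branch depends on cond
            env_t, env_e = dict(env), dict(env)
            _walk(s.then, env_t, sinks, branch_pc, out)
            _walk(s.else_, env_e, sinks, branch_pc, out)
            for v in set(env_t) | set(env_e):        # join the two branch environments
                env[v] = max(env_t.get(v, LOW), env_e.get(v, LOW))


def check_noninterference(program: List[Stmt], inputs: Dict[str, int],
                          sinks: Dict[str, int]) -> List[str]:
    """inputs: variable -> label of the data it holds on entry.
    sinks: variable -> highest label it may ever receive.
    Returns the flows that break noninterference (empty list = program is secure)."""
    violations: List[str] = []
    _walk(program, dict(inputs), sinks, LOW, violations)
    return violations


# Confidentiality reading: "secret" is HIGH, "out" is a public (LOW) output.
CONF_IN = {"secret": HIGH, "pub": LOW}
CONF_SINKS = {"out": LOW}
explicit_leak = [Assign("out", {"secret"})]                       # out = secret
implicit_leak = [If(cond={"secret"}, then=[Assign("tmp")],        # if secret: tmp = 1
                    else_=[Assign("tmp")]),                        # else:      tmp = 0
                 Assign("out", {"tmp"})]                           # out = tmp  (leaks via control flow)
safe = [Assign("tmp", {"pub"}), Assign("out", {"tmp"}),            # out depends only on public data
        If(cond={"secret"}, then=[Assign("scratch", {"secret"})])] # secret stays in a non-sink

# Integrity reading: network input is HIGH (untrusted), "cmd" must stay trusted (LOW).
INTEG_IN = {"net_request": HIGH}
INTEG_SINKS = {"cmd": LOW}
integrity_bug = [Assign("cmd", {"net_request"})]

if __name__ == "__main__":
    for name, prog, ins, sks in [("explicit", explicit_leak, CONF_IN, CONF_SINKS),
                                 ("implicit", implicit_leak, CONF_IN, CONF_SINKS),
                                 ("safe", safe, CONF_IN, CONF_SINKS),
                                 ("integrity", integrity_bug, INTEG_IN, INTEG_SINKS)]:
        print(name, check_noninterference(prog, ins, sks) or "no violation")
```

The implicit case is the one a plain taint tracker misses: `tmp` is never assigned from `secret`, yet its value reveals the branch taken, so the checker raises the pc label inside the branch and carries it into the join.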

While we currently focus solely on static attestation, i.e. the authenticity and integrity of an application is only checked while it is being loaded, we plan to leverage our solutions to support control flow attestation (CFA). Without CFA, the integrity property of a program can be violated, for example because implementation bugs are exploited and the contents of application memory are changed after the application has been loaded. We will address this problem by extending our static attestation solutions such as Soteria and Atlas with CFA; but instead of extending measurements to every basic block, we only want to consider basic blocks which belong to critical sections within an application's control flow graph. To this end, we will utilise the static IFC algorithms provided by JOANA such that only critical points (see above) need to be checked and measured during run time, while the other parts of the application are considered secure.
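The measurement scheme sketched above, as an added software simulation that is not Soteria's or Atlas's code: the tile hashes only the critical basic blocks of its executed path into a chain, binds the result to the verifier's nonce with a keyed MAC, and the verifier compares it against the measurements that any path through the control flow graph can legitimately produce. The CFG, the choice of critical blocks and the shared tile key are constructed assumptions; the real design keeps the key and the measurement in the tile's trust anchor.

```python
"""Added example: control flow attestation restricted to critical basic blocks.
CFG, critical set and tile key are constructed for illustration."""
import hashlib
import hmac
from typing import Dict, List, Set, Tuple

# Constructed control flow graph of a tile application: block -> successor blocks.
CFG: Dict[str, List[str]] = {
    "entry": ["check"],
    "check": ["deny", "grant"],   # the authorisation decision
    "deny":  ["log"],
    "grant": ["log"],
    "log":   ["exit"],            # bookkeeping, not security-relevant
    "exit":  [],
}
# Blocks selected for measurement (in the project's plan they come from the IFC analysis).
CRITICAL: Set[str] = {"check", "deny", "grant"}

TILE_KEY = b"constructed key shared by tile and verifier"   # assumption: provisioned out of band

Report = Tuple[bytes, bytes]   # (measurement, tag)


def measure(trace: List[str], critical: Set[str]) -> bytes:
    """Hash chain over the critical blocks of an executed trace; other blocks do not enter it."""
    h = hashlib.sha256(b"cfa-init").digest()
    for block in trace:
        if block in critical:
            h = hashlib.sha256(h + block.encode()).digest()
    return h


def expected_measurements(cfg: Dict[str, List[str]], entry: str, critical: Set[str]) -> Set[bytes]:
    """Every measurement a run that follows the (acyclic) CFG can produce."""
    results: Set[bytes] = set()

    def walk(block: str, path: List[str]) -> None:
        path = path + [block]
        if not cfg[block]:                      # exit block reached: one complete path
            results.add(measure(path, critical))
            return
        for succ in cfg[block]:
            walk(succ, path)

    walk(entry, [])
    return results


def prover_report(trace: List[str], nonce: bytes, key: bytes = TILE_KEY) -> Report:
    """Tile side: bind the run's measurement to the verifier's nonce."""
    m = measure(trace, CRITICAL)
    return m, hmac.new(key, nonce + m, hashlib.sha256).digest()


def verify(report: Report, nonce: bytes, expected: Set[bytes], key: bytes = TILE_KEY) -> str:
    """Verifier side: check authenticity and freshness first, then the control flow itself."""
    m, tag = report
    if not hmac.compare_digest(tag, hmac.new(key, nonce + m, hashlib.sha256).digest()):
        return "reject: tag does not match this nonce (replay or wrong key)"
    if m not in expected:
        return "reject: control flow deviated inside a critical section"
    return "accept"


EXPECTED = expected_measurements(CFG, "entry", CRITICAL)


def demo() -> Dict[str, str]:
    nonce = b"\x00" * 16   # constructed; a real verifier draws a fresh random nonce per request
    benign = ["entry", "check", "grant", "log", "exit"]
    diverted = ["entry", "grant", "log", "exit"]          # run that reached grant without check
    stale = prover_report(["entry", "check", "deny", "log", "exit"], nonce)
    return {
        "benign": verify(prover_report(benign, nonce), nonce, EXPECTED),
        "diverted": verify(prover_report(diverted, nonce), nonce, EXPECTED),
        "replayed": verify(stale, b"\x01" * 16, EXPECTED),   # old report, new nonce
    }

if __name__ == "__main__":
    for scenario, result in demo().items():
        print(scenario, "->", result)
```

Because `log` is not critical, two runs that differ only in non-critical blocks produce the same measurement, which is exactly what keeps the verifier's expected set small; a run that reaches `grant` without passing `check` has no counterpart in that set and is rejected.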

Finally, we aim to equip each tile with a hardware extension capable of measuring available software and data, supporting attestation to neighbouring tiles. These tile-to-tile attestations will be used to measure whether these tiles can be trusted to process sensitive workloads, or if the code running there should be revised first. For example, a long-running application may require patches to protect against newly detected attack vectors. Consequently, these mutual attestations will ensure that every invaded tile has the most trusted version of the software or data, i.e. the most recent version addressing all known vulnerabilities. Moreover, possible actions in such an attestation policy include updates, even when doing so requires preemption of the running system to launch into the inherently trusted execution environment which can forcibly apply the update.
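The tile-to-tile exchange described above, as an added example rather than the project's hardware extension: each tile challenges the other with a fresh nonce, answers with a measurement of its loaded software bound to the peer's nonce, and each side then applies the attestation policy to decide whether the peer may process sensitive workloads, must be updated first, or is refused. Software images, per-tile keys and the policy table are constructed assumptions.

```python
"""Added example: mutual tile-to-tile attestation with an update policy.
Images, keys and the policy table are constructed for illustration."""
import hashlib
import hmac
import os
from dataclasses import dataclass
from typing import Dict, Optional, Tuple

Report = Tuple[bytes, bytes]   # (measurement, tag)


def measure_image(image: bytes) -> bytes:
    """Static measurement of a tile's loaded software: a hash over the image bytes."""
    return hashlib.sha256(image).digest()


# Constructed firmware images; v2 stands for the release that addresses all known vulnerabilities.
IMAGE_V1 = b"constructed worker firmware v1"
IMAGE_V2 = b"constructed worker firmware v2"


@dataclass
class Policy:
    trusted: Dict[bytes, str]   # known-good measurement -> version label
    newest: str                 # the version addressing all known vulnerabilities

    def decide(self, m: bytes) -> str:
        if m not in self.trusted:
            return "refuse"                       # unknown software: share no workloads
        return "proceed" if self.trusted[m] == self.newest else "update"


@dataclass
class Tile:
    name: str
    key: bytes       # assumption: per-tile key provisioned to the attestation hardware
    image: bytes

    def challenge(self) -> bytes:
        return os.urandom(16)                    # fresh nonce defeats replay of old reports

    def attest(self, nonce: bytes) -> Report:
        m = measure_image(self.image)
        return m, hmac.new(self.key, nonce + m, hashlib.sha256).digest()


def verify_report(key: bytes, nonce: bytes, report: Report) -> Optional[bytes]:
    """Returns the measurement if the tag binds it to our nonce under the peer's key."""
    m, tag = report
    expected = hmac.new(key, nonce + m, hashlib.sha256).digest()
    return m if hmac.compare_digest(tag, expected) else None


def mutual_attest(a: Tile, b: Tile, policy: Policy, keys: Dict[str, bytes]) -> Dict[str, str]:
    """Both tiles challenge each other; maps each tile name to the decision about that tile."""
    n_a, n_b = a.challenge(), b.challenge()      # a challenges b with n_a, b challenges a with n_b
    report_b, report_a = b.attest(n_a), a.attest(n_b)
    m_b = verify_report(keys.get(b.name, b""), n_a, report_b)
    m_a = verify_report(keys.get(a.name, b""), n_b, report_a)
    return {
        a.name: "refuse" if m_a is None else policy.decide(m_a),
        b.name: "refuse" if m_b is None else policy.decide(m_b),
    }


# Constructed deployment: key table and policy as held by the verifying side.
KEYS = {"tile0": b"constructed key 0", "tile1": b"constructed key 1", "tile2": b"constructed key 2"}
POLICY = Policy(trusted={measure_image(IMAGE_V1): "v1", measure_image(IMAGE_V2): "v2"}, newest="v2")


def demo() -> Dict[str, Dict[str, str]]:
    up_to_date = Tile("tile0", KEYS["tile0"], IMAGE_V2)
    outdated = Tile("tile1", KEYS["tile1"], IMAGE_V1)       # trusted but not the newest version
    impostor = Tile("tile2", b"guessed key", IMAGE_V2)      # right software, wrong key
    return {
        "peer outdated": mutual_attest(up_to_date, outdated, POLICY, KEYS),
        "peer impostor": mutual_attest(up_to_date, impostor, POLICY, KEYS),
    }

if __name__ == "__main__":
    for scenario, result in demo().items():
        print(scenario, "->", result)
```

The "update" outcome is where the destructive preemption from the text would come in: the policy has established that the peer runs known but outdated software, so the trusted environment can be entered to apply the update before the workload is shared.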

A comprehensive summary of the major achievements of the second funding phase can be found on the Project C5 second-phase website.


[1] Nidhi Anantharajaiah, Tamim Asfour, Michael Bader, Lars Bauer, Jürgen Becker, Simon Bischof, Marcel Brand, Hans-Joachim Bungartz, Christian Eichler, Khalil Esper, Joachim Falk, Nael Fasfous, Felix Freiling, Andreas Fried, Michael Gerndt, Michael Glaß, Jeferson Gonzalez, Frank Hannig, Christian Heidorn, Jörg Henkel, Andreas Herkersdorf, Benedict Herzog, Jophin John, Timo Hönig, Felix Hundhausen, Heba Khdr, Tobias Langer, Oliver Lenke, Fabian Lesniak, Alexander Lindermayr, Alexandra Listl, Sebastian Maier, Nicole Megow, Marcel Mettler, Daniel Müller-Gritschneder, Hassan Nassar, Fabian Paus, Alexander Pöppl, Behnaz Pourmohseni, Jonas Rabenstein, Phillip Raffeck, Martin Rapp, Santiago Narváez Rivas, Mark Sagi, Franziska Schirrmacher, Ulf Schlichtmann, Florian Schmaus, Wolfgang Schröder-Preikschat, Tobias Schwarzer, Mohammed Bakr Sikal, Bertrand Simon, Gregor Snelting, Jan Spieck, Akshay Srivatsa, Walter Stechele, Jürgen Teich, Furkan Turan, Isaías A. Comprés Ureña, Ingrid Verbauwhede, Dominik Walter, Thomas Wild, Stefan Wildermann, Mario Wille, Michael Witterauf, and Li Zhang. Invasive Computing. FAU University Press, August 16, 2022. [ DOI ]
[2] Martin Hecker, Simon Bischof, and Gregor Snelting. On time-sensitive control dependencies. ACM Trans. Program. Lang. Syst., 44(1):1–37, March 2022. [ DOI | http ]
[3] Johannes Bechberger and Alexander Weigl. Upper bound computation of information leakages for unbounded recursion. In Radu Calinescu and Corina S. Păsăreanu, editors, Software Engineering and Formal Methods, pages 160–177, Cham, 2021. Springer International Publishing. [ DOI | http ]
[4] Angel Villar-Corrales, Franziska Schirrmacher, and Christian Riess. Deep learning architectural designs for super-resolution of noisy images. In IEEE International Conference on Acoustics, Speech and Signal Processing, ICASSP 2021, Toronto, ON, Canada, June 6-11, 2021, pages 1635–1639. IEEE, 2021. [ DOI ]
[5] Martin Hecker. Timing Sensitive Dependency Analysis and its Application to Software Security. PhD thesis, Karlsruher Institut für Technologie, Fakultät für Informatik, September 2020. [ DOI ]
[6] Paula Kaiser, Franziska Schirrmacher, Benedikt Lorch, and Christian Riess. Learning to decipher license plates in severely degraded images. In Pattern Recognition. ICPR International Workshops and Challenges - Virtual Event, January 10-15, 2021, Proceedings, Part VI, volume 12666 of Lecture Notes in Computer Science, pages 544–559. Springer, 2020. [ DOI ]
[7] Franziska Schirrmacher, Christian Riess, and Thomas Köhler. Adaptive quantile sparse image (AQuaSI) prior for inverse imaging problems. IEEE Trans. Computational Imaging, 6:503–517, 2020. [ DOI ]
[8] Franziska Schirrmacher, Benedikt Lorch, Bernhard Stimpel, Thomas Köhler, and Christian Riess. SR^2: Super-resolution with structure-aware reconstruction. In IEEE International Conference on Image Processing, ICIP 2020, Abu Dhabi, United Arab Emirates, October 25-28, 2020, pages 533–537. IEEE, 2020. [ DOI ]
[9] Florian D. Loch, Martin Johns, Martin Hecker, Martin Mohr, and Gregor Snelting. Hybrid taint analysis for Java EE. In Proceedings of the 35th Annual ACM Symposium on Applied Computing, SAC '20, pages 1716–1725, New York, NY, USA, 2020. Association for Computing Machinery. [ DOI | http ]
[10] Furkan Turan and Ingrid Verbauwhede. Trust in FPGA-accelerated Cloud Computing. ACM Computing Surveys, 53(6):128:1–128:28, 2020.
[11] Pieter Maene. Lightweight Roots of Trust for Modern Systems-on-Chip. Dissertation, Faculty of Engineering Science, KU Leuven, Belgium, October 2019.
[12] Alexander Würstlein and Wolfgang Schröder-Preikschat. T-IBE-T: Identity-based encryption for inter-tile communication. In Proceedings of the 12th European Workshop on Systems Security (EuroSec 2019), pages 1–6. ACM Digital Library, 2019. [ DOI ]
[13] Furkan Turan and Ingrid Verbauwhede. Compact and flexible FPGA implementation of Ed25519 and X25519. ACM Transactions on Embedded Computing Systems (TECS), 18(3):24, 2019.
[14] Furkan Turan and Ingrid Verbauwhede. Propagating trusted execution through mutual attestation. In 4th Workshop on System Software for Trusted Execution (SysTEX'19). ACM, 2019.
[15] Titouan Lazard, Johannes Götzfried, Tilo Müller, Gianni Santinelli, and Vincent Lefebvre. TEEshift: Protecting Code Confidentiality by Selectively Shifting Functions into TEEs. In Proceedings of the 3rd Workshop on System Software for Trusted Execution, SysTEX '18, pages 14–19. ACM, 2018. [ DOI | http ]
[16] Pieter Maene, Johannes Götzfried, Ruan de Clercq, Tilo Müller, Felix Freiling, and Ingrid Verbauwhede. Hardware-Based Trusted Computing Architectures for Isolation and Attestation. IEEE Transactions on Computers, 67(3):361–374, 2018. [ DOI ]
[17] Vincent Lefebvre, Gianni Santinelli, Tilo Müller, and Johannes Götzfried. Universal Trusted Execution Environments for Securing SDN/NFV Operations. In ARES 2018: International Conference on Availability, Reliability and Security. ACM, 2018. [ DOI ]
[18] Pieter Maene, Johannes Götzfried, Tilo Müller, Ruan de Clercq, Felix Freiling, and Ingrid Verbauwhede. Atlas: Application Confidentiality in Compromised Embedded Systems. IEEE Transactions on Dependable and Secure Computing, 2018. [ DOI ]
[19] Simon Bischof, Joachim Breitner, Denis Lohner, and Gregor Snelting. Illi isabellistes se custodes egregios praestabant. In Peter Müller and Ina Schaefer, editors, Principled Software Development: Essays Dedicated to Arnd Poetzsch-Heffter on the Occasion of his 60th Birthday, pages 267–282. Springer International Publishing, 2018. [ DOI | http ]
[20] Johannes Götzfried. RAM-Schranke: RAM-Verschlüsselung bei AMD und Intel. c't Magazin für Computertechnik, 10:174–179, 2018. [ http ]
[21] Ralph Palutke and Felix C. Freiling. Styx: Countering robust memory acquisition. Digital Investigation, 24:18–28, 2018. [ DOI | http ]
[22] David Übler, Johannes Götzfried, and Tilo Müller. Secure Remote Computation using Intel SGX. In Sicherheit 2018, Beiträge der 9. Jahrestagung des Fachbereichs Sicherheit der Gesellschaft für Informatik e.V. (GI), 25.-27.4.2018, Konstanz, pages 209–219. Gesellschaft für Informatik e.V., 2018. [ DOI | http ]
[23] Simon Bischof, Joachim Breitner, Jürgen Graf, Martin Hecker, Martin Mohr, and Gregor Snelting. Low-deterministic security for low-nondeterministic programs. Journal of Computer Security, 26:335–366, 2018. [ DOI ]
[24] Johannes Götzfried. Trusted Systems in Untrusted Environments: Protecting against Strong Attackers. Dissertation, Chair for IT Security Infrastructures, Department of Computer Science, Friedrich-Alexander-Universität Erlangen-Nürnberg, Germany, 2018. [ http ]
[25] Mykola Protsenko. Securing the Android App Ecosystem: Obfuscation, Tamperproofing, and Malware detection. Dissertation, Department of Computer Science, Friedrich-Alexander-Universität Erlangen-Nürnberg, Germany, 2017.
[26] Johannes Götzfried, Moritz Eckert, Sebastian Schinzel, and Tilo Müller. Cache Attacks on Intel SGX. In Proceedings of the Tenth European Workshop on System Security (EuroSec'17), pages 2:1–2:6. ACM, 2017. [ DOI | http ]
[27] Ruan de Clercq, Johannes Götzfried, David Übler, Pieter Maene, and Ingrid Verbauwhede. SOFIA: Software and Control Flow Integrity Architecture. Computers & Security, 68:16–35, 2017. [ DOI ]
[28] Pieter Maene, Johannes Götzfried, Ruan de Clercq, Tilo Müller, Felix Freiling, and Ingrid Verbauwhede. Hardware-based trusted computing architectures for isolation and attestation. IEEE Transactions on Computers, 2017. In press. [ DOI ]
[29] Job Noorman, Jo Van Bulck, Jan Tobias Mühlberg, Frank Piessens, Pieter Maene, Bart Preneel, Ingrid Verbauwhede, Johannes Götzfried, Tilo Müller, and Felix C. Freiling. Sancus 2.0: A low-cost security architecture for IoT devices. ACM Trans. Priv. Secur., 20(3):7:1–7:33, 2017. [ DOI | http ]
[30] Anatoli Kalysch, Johannes Götzfried, and Tilo Müller. VMAttack: Deobfuscating Virtualization-Based Packed Binaries. In Proceedings of the 12th International Conference on Availability, Reliability and Security, pages 2:1–2:10. ACM, 2017. [ DOI | http ]
[31] Gabor Drescher, Christoph Erhardt, Felix Freiling, Johannes Götzfried, Daniel Lohmann, Pieter Maene, Tilo Müller, Ingrid Verbauwhede, Andreas Weichslgartner, and Stefan Wildermann. Providing security on demand using invasive computing. it – Information Technology, 58(6):281–295, September 30, 2016. [ DOI ]
[32] Andreas Weichslgartner, Stefan Wildermann, Johannes Götzfried, Felix Freiling, Michael Glaß, and Jürgen Teich. Design-time/run-time mapping of security-critical applications in heterogeneous MPSoCs. In Proceedings of the 19th International Workshop on Software and Compilers for Embedded Systems (SCOPES), pages 153–162. ACM, May 23, 2016. [ DOI ]
[33] Michael Gruhn. Forensically Sound Data Acquisition in the Age of Anti-Forensic Innocence. Dissertation, Department of Computer Science, Friedrich-Alexander-Universität Erlangen-Nürnberg, Germany, 2016.
[34] Alexander Würstlein, Michael Gernoth, Johannes Götzfried, and Tilo Müller. Exzess: Hardware-based RAM Encryption against Physical Memory Disclosure. In Architecture of Computing Systems (ARCS'16). Springer, 2016. [ DOI | http ]
[35] Furkan Turan, Ruan de Clercq, Pieter Maene, Oscar Reparaz, and Ingrid Verbauwhede. Hardware Acceleration of a Software-based VPN. In 26th International Conference on Field Programmable Logic and Applications (FPL'16), pages 1–9. IEEE, 2016. [ DOI ]
[36] Johannes Götzfried, Tilo Müller, Gabor Drescher, Stefan Nürnberger, and Michael Backes. RamCrypt: Kernel-based Address Space Encryption for User-mode Processes. In 11th ACM Asia Conference on Computer and Communications Security (ASAICCS), Special Interest Group on Security, Audit and Control (SIGSAC). ACM, 2016. [ DOI | http ]
[37] Lars Richter, Johannes Götzfried, and Tilo Müller. Isolating Operating System Components with Intel SGX. In 1st Workshop on System Software for Trusted Execution (SysTEX'16). ACM, 2016. [ DOI | http ]
[38] Johannes Götzfried, Nico Dörr, Ralph Palutke, and Tilo Müller. HyperCrypt: Hypervisor-based Encryption of Kernel and User Space. In SBA Research, editor, 11th International Conference on Availability, Reliability and Security (ARES'16). IEEE, 2016. [ DOI | http ]
[39] Ruan de Clercq, Ronald de Keulenaer, Bart Coppens, Bohan Yang, Pieter Maene, Koen de Bosschere, Bart Preneel, Bjorn de Sutter, and Ingrid Verbauwhede. SOFIA: Software and Control Flow Integrity Architecture. In 2016 Design, Automation Test in Europe Conference Exhibition (DATE), pages 1172–1177. IEEE, 2016.
[40] Maximilian Seitzer, Michael Gruhn, and Tilo Müller. A bytecode interpreter for secure program execution in untrusted main memory. In 20th European Symposium on Research in Computer Security (ESORICS'15), pages 376–395. SBA Research, 2015.
[41] Pieter Maene and Ingrid Verbauwhede. Single-cycle implementations of block ciphers. In Lightweight Cryptography for Security and Privacy, Lecture Notes in Computer Science. Springer-Verlag, 2015.
[42] Christopher Kugler and Tilo Müller. Separated control and data stacks to mitigate buffer overflow exploits. In Endorsed Transactions on Security and Safety, pages 1–36. European Alliance for Innovation (EAI), Institute for Computer Sciences, Social Informatics and Telecommunications Engineering (ICST), 2015.
[43] Johannes Götzfried, Tilo Müller, Ruan de Clercq, Pieter Maene, Felix Freiling, and Ingrid Verbauwhede. Soteria: Offline software protection within low-cost embedded devices. In Proceedings of the 31st Annual Computer Security Applications Conference (ACSAC'15), pages 241–250. ACM, 2015. [ DOI | http ]
[44] Maxim Anikeev, Felix Freiling, Johannes Götzfried, and Tilo Müller. Secure garbage collection: Preventing malicious data harvesting from deallocated Java objects inside the Dalvik VM. In Journal of Information Security and Applications, pages 81–86, Amsterdam, 2015. Elsevier. [ DOI ]
[45] R. de Clercq, F. Piessens, D. Schellekens, and I. Verbauwhede. Secure interrupts on low-end microcontrollers. In IEEE 25th International Conference on Application-specific Systems, Architectures and Processors (ASAP), pages 147–152, June 2014. [ DOI ]
[46] Christopher Kugler and Tilo Müller. SCADS: Separated control- and data-stacks (best student paper award). In Social Informatics ICST (The Institute for Computer Sciences and Telecommunications Engineering), editors, 10th International Conference on Security and Privacy in Communication Networks, 2014. [ .pdf ]
[47] Johannes Götzfried and Tilo Müller. Mutual authentication and trust bootstrapping towards secure disk encryption. In Transactions on Information and System Security (TISSEC), volume 17, New York, 2014. [ DOI | http ]
[48] Felix Freiling, Mykola Protsenko, and Yan Zhuang. An empirical evaluation of software obfuscation techniques applied to Android APKs. In Jingqiang Lin and Tilo Müller, editors, International Workshop on Data Protection in Mobile and Pervasive Computing, 2014.