Networked and Embedded Systems Laboratory

Tryear

Trmonth

Trnumber

Title

Abstract

Many sensor nodes contain resource constrained microcontrollers
where user level applications, operating system components
and device drivers reside within single address space
with no form of memory protection. Programming errors in
one application can easily corrupt the state of the operating
system and other applications on the node. In this paper, we
propose Harbor, a memory protection system that prevents
corruption of state by buggy applications. We use software
based fault isolation (“sandboxing”) to restrict memory accesses
and control flow of applications to protection domains
within the address space. Limited memory on sensor nodes
precludes static partitioning of the address space into different
domains. We have designed Memory map, a flexible and
efficient data structure for recording ownership and layout
information of entire address space. Control flow integrity
is preserved by maintaining a safe stack that stores return
addresses in a protected memory region. Cross domain calls
perform low overhead domain switch within single address
space. Checks are introduced in an application through a
re-write of the compiled binary. The sandboxed binary is
verified on sensor node before it is admitted for execution.
Sensor nodes only need to trust the correctness of the verifier
in the overall system. We have implemented and tested Harbor
on SOS operating system. Our experiments were able to
detect and prevent memory corruption caused due to programming
errors in application modules that have been in
use for several months. Our evaluations show that despite
high overhead, Harbor does not degrade application level
performance of the system under typical workloads.

Filename

File

Urlpdfpaper

Urlsrcpaper

Urlpdfpresentation

Urlsrcpresentation

Urlavmedia

Urldoi

Urlpublisher

Urlgooglescholar

Urlciteseer

Pubin

Pubvol

Pubnum

Pubnum end

Pubpagefirst

Pubpagelast

Pubpagecount

Pubdate

Pubdate end

Pubplace

Publisher

Ispublic

Islabdocument

Miscattributes

Document category

Main research area

Editing document