SpecCFA: Enhancing Control Flow Attestation/Auditing via Application-Aware Sub-Path Speculation
Adam Caulfield, Liam Tyler, Ivan De Oliveira Nunes
TL;DR
SpecCFA addresses the scalability bottleneck of CFA on resource-constrained MCUs by enabling application-aware sub-path speculation that replaces matching segments of the $CF_{Log}$ with short symbols without losing verifiability. It provides two concrete implementations—custom hardware and TrustZone-M based TEEs—and demonstrates substantial reductions in storage, bandwidth, and end-to-end latency while preserving CFA guarantees. The approach combines verifier-defined sub-paths, program analysis, and both automated and manual selection strategies to tailor speculation to each workload. Public prototypes and evaluations indicate that CFA can scale to safety-critical edge systems with modest hardware and cryptographic costs.
Abstract
At the edge of modern cyber-physical systems, Micro-Controller Units (MCUs) are responsible for safety-critical sensing/actuation. However, MCU cost constraints rule out the usual security mechanisms of general-purpose computers. Thus, various low-cost security architectures have been proposed to remotely verify MCU software integrity. Control Flow Attestation (CFA) enables a Verifier (Vrf) to remotely assess the run-time behavior of a prover MCU (Prv), generating an authenticated trace of all of Prv control flow transfers (CFLog). Further, Control Flow Auditing architectures augment CFA by guaranteeing the delivery of evidence to Vrf. Unfortunately, a limitation of existing CFA lies in the cost to store and transmit CFLog, as even simple MCU software may generate large traces. Given these issues, prior work has proposed static (context-insensitive) optimizations. However, they do not support configurable program-specific optimizations. In this work, we note that programs may produce unique predictable control flow sub-paths and argue that program-specific predictability can be leveraged to dynamically optimize CFA while retaining all security guarantees. Therefore, we propose SpecCFA: an approach for dynamic sub-path speculation in CFA. SpecCFA allows Vrf to securely speculate on likely control flow sub-paths for each attested program. At run-time, when a sub-path in CFLog matches a pre-defined speculation, the entire sub-path is replaced by a reserved symbol. SpecCFA can speculate on multiple variable-length control flow sub-paths simultaneously. We implement SpecCFA atop two open-source control flow auditing architectures: one based on a custom hardware design and one based on a commodity Trusted Execution Environment (ARM TrustZone-M). In both cases, SpecCFA significantly lowers storage/performance costs that are critical to resource-constrained MCUs.