SIMULATION OF PERIPHERAL DEVICE SECURITY: IMPLEMENTATION AND PRACTICAL EVLUATION OF ADDRESS SPACES PROTECTION IN A TRUSTED MICROPROCESSOR EMULATOR
Managing information security in automated control systems in conditions the growing number of cyber threats requires the development of specialized architecturally resilient solutions. Necessary security can be achieved through the use of trusted microprocessors and systems based on them. During th...
Saved in:
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Joint Stock Company "Experimental Scientific and Production Association SPELS
2025-07-01
|
| Series: | Безопасность информационных технологий |
| Subjects: | |
| Online Access: | https://bit.spels.ru/index.php/bit/article/view/1819 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Summary: | Managing information security in automated control systems in conditions the growing number of cyber threats requires the development of specialized architecturally resilient solutions. Necessary security can be achieved through the use of trusted microprocessors and systems based on them. During the design phase of trusted microprocessors for digital control systems, simulation tools are employed to make informed decisions about architectural modifications. The methodology of instruction-level simulation offers unique opportunities for testing security algorithms, including comprehensive functionality verification, optimization of operational parameters, and analysis of cybersecurity mechanisms. This approach aims to predict the operational characteristics of the final product through the analysis of its virtual model, reducing the risk of implementing vulnerable design solutions. Unlike conventional RTL-based design processes, this methodology eliminates the need for lengthy creation and verification stages, thereby minimizing development time and avoiding resource expenditure on suboptimal designs. The objective of this work is to enhance the security of automated control systems for technological processes through the development of architectural solutions based on trusted microprocessors. These solutions incorporate hardware mechanisms for memory resource isolation and provide multi-layered protection. A key focus is placed on implementing an I/O Memory Management Unit (IOMMU) in the simulator, enabling the simulation and testing of unauthorized access prevention scenarios via peripheral devices. The IOMMU block facilitates the isolation or mapping of I/O operations to different address spaces. This paper presents the design and implementation of the IOMMU block, including the pagewalk mechanism, which retrieves translation tables for the translation lookaside buffer (TLB) through stepwise memory accesses. The functioning of the IOMMU in mitigating security threats is demonstrated through practical tests. The methodology was validated using real-world tasks, where a trusted processor simulator successfully booted a Linux operating system with IOMMU support. The correct operation of the memory management unit during I/O operations was confirmed. |
|---|---|
| ISSN: | 2074-7128 2074-7136 |