More Secure Collaborative APIs resistant to Flush-Based Cache Attacks on Cortex-A9 Based Automotive System.

Flush-based cache attacks seriously threaten the security of automotive system based on ARM Cortex-A9 MPCore. Most of the proposed defense schemes have limited detection capabilities or can't detect the malicious attacks fast enough. The method of permanently reducing the resolution of all time APIs in the system is not feasible because the high resolution time API is required for normal running of various applications. In this paper, we propose two more secure collaborative APIs-SafeFlush and SafeTime. In addition to the basic function of flushing a cache line, SafeFlush can also detect and handle the suspected flush-based cache attack process. More importantly, SafeFlush collaborates with SafeTime to effectively resist all flush-based cache attacks. That SafeTime adaptively reduces its resolution for a short time based on the signal sent by SafeFlush makes attacks fail. The attack experiment results show that the success rate of Flush+Reload and flush-based Spectre attacks using SafeFlush and SafeTime APIs can be reduced to less than 1%. Performance experiment results show that the access latency of SafeTime based on global timer is 14.5% slower than the original API and 18% slower based on PMCCNTR. The time consumption of SafeFlush is about 25.2% longer than the original cache flush API. Since SafeFlush and SafeTime are far more secure than the original APIs, their performance loss is acceptable.