EPA-RIMM: Extensible, Performance Aware Runtime Integrity Checking

The goal of this project is to develop a framework for System Management Mode-based Security Mechanisms that will address the performance challenges and expand the flexibility of runtime checking.

System Management Mode (SMM) is a special x86 processor mode that privileged software such as kernels or hypervisors cannot access or interrupt. Previously, it has been assumed that time spent in SMM would be relatively small and therefore its side effects on privileged software were unimportant; recently, researchers have proposed uses, such as security-related checks, that would greatly increase the amount of runtime spent in this mode.

In initial work we have investigated the performance impacts of time spent in SMM, to characterize the different types of resulting interference.

This work is supported in part by NSF award #1528185.