The Dover inherently secure processor being developed at Draper extends a conventional CPU (we use an open-source RISC-V implementation) with a Policy EXecution coprocessor (PEX). The PEX maintains metadata at the granularity of every word accessible by the application processor (AP), including registers, and the PEX enforces software-defined policies at the granularity of each instruction executed by the AP CPU. Hardware interlocks enforce strict separation between user-land code & data and policy-related code & data. Dover achieves high performance by using caches for acceptable combinations of instructions and associated metadata. Dover maintains flexibility with respect to the host AP CPU by imposing minimal changes to the AP CPU. A Dover system, in conjunction with a Dover-specialized kernel and modifications to the GCC toolchain, can implement a wide range of security and safety policies on top of existing C-based applications.
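The per-word metadata, per-instruction policy check and rule cache described above, as an added illustrative model in Python (this is not Dover's code or its actual policies; the pointer/integer tags, the two-instruction subset and the register and memory contents are constructed for the example):

```python
"""Toy PEX-style policy coprocessor: every register and memory word carries a metadata tag, a
software policy runs on each instruction, and approved (opcode, operand tags) pairs are cached."""
from typing import Dict, Optional, Tuple

class PolicyViolation(Exception):
    """Raised when the policy denies an instruction."""
# Constructed pointer/integer policy (illustrative, not Dover's): ptr+ptr has no rule -> denied.
ADD_RULES = {("int", "int"): "int", ("ptr", "int"): "ptr", ("int", "ptr"): "ptr"}
def policy(op: str, tags: Tuple[str, ...]) -> Optional[str]:
    """Return the tag of the result word, or None to deny the instruction."""
    if op == "add":
        return ADD_RULES.get(tags)
    if op == "lw":   # tags = (base-register tag, tag of the memory word being loaded)
        return tags[1] if tags[0] == "ptr" else None
class TaggedMachine:
    def __init__(self, regs, mem):
        self.regs, self.mem = dict(regs), dict(mem)   # name / address -> (value, tag)
        self.rule_cache: Dict[Tuple[str, Tuple[str, ...]], str] = {}
        self.cache_hits = 0
    def _check(self, op: str, tags: Tuple[str, ...]) -> str:
        key = (op, tags)
        if key in self.rule_cache:       # fast path: combination approved earlier
            self.cache_hits += 1
            return self.rule_cache[key]
        result = policy(op, tags)        # slow path: run the software policy
        if result is None:
            raise PolicyViolation(f"{op} on tags {tags} denied")
        self.rule_cache[key] = result    # only approved combinations are cached
        return result
    def step(self, instr: Tuple) -> None:
        op, rd, rs1, x = instr           # x is rs2 for add, an immediate offset for lw
        if op == "add":
            (v1, t1), (v2, t2) = self.regs[rs1], self.regs[x]
            self.regs[rd] = (v1 + v2, self._check(op, (t1, t2)))
        elif op == "lw":                 # lw rd, x(rs1): result inherits the memory word's tag
            base, tb = self.regs[rs1]
            val, tm = self.mem[base + x]
            self.regs[rd] = (val, self._check(op, (tb, tm)))

def demo() -> Tuple[int, int, str]:
    """Constructed instruction stream; returns (value loaded via pointer, cache hits, verdict)."""
    m = TaggedMachine(regs={"a0": (0x100, "ptr"), "a1": (4, "int")}, mem={0x104: (42, "int")})
    m.step(("add", "a3", "a0", "a1"))     # ptr + int -> ptr
    m.step(("lw", "a4", "a3", 0))         # load through a pointer: allowed
    m.step(("add", "a5", "a0", "a1"))     # same tag pair: served from the rule cache
    try:
        m.step(("lw", "a6", "a1", 0x100))  # base register holds a plain integer: denied
        return m.regs["a4"][0], m.cache_hits, "allowed"
    except PolicyViolation:
        return m.regs["a4"][0], m.cache_hits, "denied"
```

The application-level values and the metadata are kept in separate fields and the policy never sees the values, mirroring the separation between user data and policy data that the hardware interlocks enforce.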