Adaptive Hardware-Assisted Data-Flow Integrity for Secure RISC-V IoT Devices
摘要
This research work proposes Scalable Data-Flow Integrity (SDFI),ś a security architecture for RISC-V based IoT devices that enables real-time enforcement of Data-Flow Integrity (DFI) with minimal overhead. As IoT ecosystems expand and RISC-V adoption accelerates, protecting embedded systems from sophisticated control-flow and data-flow hijacking attacks has become critical. SDFI integrates three key innovations. First, Region-Aware Dynamic Data-Flow Integrity (RAD-DFI) partitions program execution into logical regions and applies sensitivity-based tracking, significantly reducing runtime overhead. Second, Metadata-Aware Hardware Tagging (MAHT) leverages custom RISC-V ISA extensions to attach real-time metadata tags to data and instruction flows, enabling efficient and hardware-level policy verification. Third, a hybrid optimization technique called the Dragon Wolf Optimizer (DWO)—combining Grey Wolf Optimizer and Dragonfly Algorithm—dynamically tunes verification thresholds and resource allocation for improved performance across varying execution contexts. The proposed secure RISC-V model achieves 95.6% detection accuracy with only 14.3% runtime and 11.1% memory overhead. It records a low security violation rate of 2.3%, 2.4 ns tag propagation latency, 91.5% policy enforcement efficiency, and an adaptability index of 66.4, demonstrating a scalable and hardware-efficient security framework for next-generation IoT systems.