{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,21]],"date-time":"2025-11-21T11:29:59Z","timestamp":1763724599970,"version":"3.41.0"},"reference-count":37,"publisher":"Association for Computing Machinery (ACM)","issue":"1","license":[{"start":{"date-parts":[[2022,1,31]],"date-time":"2022-01-31T00:00:00Z","timestamp":1643587200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Trans. Embed. Comput. Syst."],"published-print":{"date-parts":[[2022,1,31]]},"abstract":"<jats:p>Emerging byte-addressable Non-Volatile Memory (NVM) technology, although promising superior memory density and ultra-low energy consumption, poses unique challenges to achieving persistent data privacy and computing security, both of which are critically important to the embedded and IoT applications. Specifically, to successfully restore NVMs to their working states after unexpected system crashes or power failure, maintaining and recovering all the necessary security-related metadata can severely increase memory traffic, degrade runtime performance, exacerbate write endurance problem, and demand costly hardware changes to off-the-shelf processors.<\/jats:p>\n          <jats:p>In this article, we designed and implemented ARES, a new FPGA-assisted processor-transparent security mechanism that aims at efficiently and effectively achieving all three aspects of a security triad\u2014confidentiality, integrity, and recoverability\u2014in modern embedded computing. Given the growing prominence of CPU-FPGA heterogeneous computing architectures, ARES leverages FPGA\u2019s hardware reconfigurability to offload performance-critical and security-related functions to the programmable hardware without microprocessors\u2019 involvement. In particular, recognizing that the traditional Merkle tree caching scheme cannot fully exploit FPGA\u2019s parallelism due to its sequential and recursive function calls, we (1) proposed a Merkle tree cache architecture that partitions a unified cache into multiple levels with parallel accesses and (2) further designed a novel Merkle tree scheme that flattened and reorganized the computation in the traditional Merkle tree verification and update processes to fully exploit the parallel cache ports and to fully pipeline time-consuming hashing operations. Beyond that, to accelerate the metadata recovery process, multiple parallel recovery units are instantiated to recover counter metadata and multiple Merkle sub-trees.<\/jats:p>\n          <jats:p>Our hardware prototype of the ARES system on a Xilinx U200 platform shows that ARES achieved up to 1.4\u00d7 lower latency and 2.6\u00d7 higher throughput against the baseline implementation, while metadata recovery time was shortened by 1.8 times. When integrated with an embedded processor, neither hardware changes nor software changes are required. We also developed a theoretical framework to analytically model and explain experimental results.<\/jats:p>","DOI":"10.1145\/3492735","type":"journal-article","created":{"date-parts":[[2022,2,10]],"date-time":"2022-02-10T15:14:22Z","timestamp":1644506062000},"page":"1-32","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":8,"title":["ARES: Persistently Secure Non-Volatile Memory with Processor-transparent and Hardware-friendly Integrity Verification and Metadata Recovery"],"prefix":"10.1145","volume":"21","author":[{"given":"Yu","family":"Zou","sequence":"first","affiliation":[{"name":"University of Central Florida, Orlando, FL, US"}]},{"given":"Kazi Abu","family":"Zubair","sequence":"additional","affiliation":[{"name":"North Carolina State University, Raleigh, NC, US"}]},{"given":"Mazen","family":"Alwadi","sequence":"additional","affiliation":[{"name":"University of Central Florida, Orlando, FL, US"}]},{"given":"Rakin Muhammad","family":"Shadab","sequence":"additional","affiliation":[{"name":"University of Central Florida, Orlando, FL, US"}]},{"given":"Sanjay","family":"Gandham","sequence":"additional","affiliation":[{"name":"University of Central Florida, Orlando, FL, US"}]},{"given":"Amro","family":"Awad","sequence":"additional","affiliation":[{"name":"North Carolina State University, Raleigh, NC, US"}]},{"given":"Mingjie","family":"Lin","sequence":"additional","affiliation":[{"name":"University of Central Florida, Orlando, FL, US"}]}],"member":"320","published-online":{"date-parts":[[2022,2,10]]},"reference":[{"key":"e_1_3_3_2_2","doi-asserted-by":"crossref","unstructured":"Mazen Alwadi Kazi Zubair David Mohaisen and Amro Awad. 2020. Phoenix: Towards ultra-low overhead recoverable and persistently secure nvm. IEEE Transactions on Dependable and Secure Computing .","DOI":"10.1109\/TDSC.2020.3020085"},{"key":"e_1_3_3_3_2","doi-asserted-by":"publisher","DOI":"10.1145\/2954679.2872377"},{"key":"e_1_3_3_4_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-45238-6_26"},{"issue":"86","key":"e_1_3_3_5_2","first-page":"1","article-title":"Intel SGX explained.","volume":"2016","author":"Costan Victor","year":"2016","unstructured":"Victor Costan and Srinivas Devadas. 2016. Intel SGX explained. IACR Cryptol. ePrint Arch. 2016, 86 (2016), 1\u2013118.","journal-title":"IACR Cryptol. ePrint Arch."},{"key":"e_1_3_3_6_2","doi-asserted-by":"crossref","unstructured":"Donald Eastlake and Paul Jones. 2001. US secure hash algorithm 1 (SHA1).","DOI":"10.17487\/rfc3174"},{"key":"e_1_3_3_7_2","doi-asserted-by":"crossref","unstructured":"Samantha J. Edirisooriya Shanker R. Nagesh Blaine R. Monson and Pankaj Kumar. 2018. Method and apparatus for completing pending write requests to volatile memory prior to transitioning to self-refresh mode. US Patent 10 127 968.November 13 2018.","DOI":"10.34122\/jip.2018.12.13.4.127"},{"key":"e_1_3_3_8_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-74735-2_20"},{"key":"e_1_3_3_9_2","article-title":"Amazon.com Goes Down, Loses $66,240 Per Minute","year":"2013","unstructured":"Forbes. 2013. Amazon.com Goes Down, Loses $66,240 Per Minute. Retrieved from https:\/\/www.forbes.com\/sites\/kellyclay\/2013\/08\/19\/amazon-com-goes-down-loses-66240-per-minute\/?sh=3c1ad34f495c.","journal-title":"https:\/\/www.forbes.com\/sites\/kellyclay\/2013\/08\/19\/amazon-com-goes-down-loses-66240-per-minute\/?sh=3c1ad34f495c"},{"key":"e_1_3_3_10_2","doi-asserted-by":"publisher","DOI":"10.1109\/MICRO50266.2020.00015"},{"key":"e_1_3_3_11_2","volume-title":"Proceedings of the 9th International Symposium on High Performance Computer Architecture","author":"Gassend Blaise","year":"2003","unstructured":"Blaise Gassend, E. Suh, Dwaine Clarke, Marten Van Dijk, and Srinivas Devadas. 2003. Caches and merkle trees for efficient memory authentication. In Proceedings of the 9th International Symposium on High Performance Computer Architecture."},{"key":"e_1_3_3_12_2","doi-asserted-by":"publisher","DOI":"10.1007\/11545262_31"},{"key":"e_1_3_3_13_2","first-page":"95","volume-title":"Proceedings of the International Workshop on Selected Areas in Cryptography","author":"Hall W. Eric","year":"2005","unstructured":"W. Eric Hall and Charanjit S. Jutla. 2005. Parallelizable authentication trees. In Proceedings of the International Workshop on Selected Areas in Cryptography. Springer, 95\u2013109."},{"key":"e_1_3_3_14_2","article-title":"Intel Architecture Memory Encryption Technologies Specification","year":"2020","unstructured":"Intel. 2020. Intel Architecture Memory Encryption Technologies Specification. Retrieved from https:\/\/software.intel.com\/sites\/default\/files\/managed\/a5\/16\/Multi-Key-Total-Memory-Encryption-Spec.pdf?source=techstories.org.","journal-title":"https:\/\/software.intel.com\/sites\/default\/files\/managed\/a5\/16\/Multi-Key-Total-Memory-Encryption-Spec.pdf?source=techstories.org"},{"key":"e_1_3_3_15_2","article-title":"Intel Optane Persistent Memory","year":"2020","unstructured":"Intel. 2020. Intel Optane Persistent Memory. Retrieved from https:\/\/www.intel.com\/content\/www\/us\/en\/ architecture-and-technology\/optane-dc-persistent-memory.html.","journal-title":"https:\/\/www.intel.com\/content\/www\/us\/en\/ architecture-and-technology\/optane-dc-persistent-memory.html"},{"key":"e_1_3_3_16_2","article-title":"Intel Optane Persistent Memory Write Endurance","year":"2020","unstructured":"Intel. 2020. Intel Optane Persistent Memory Write Endurance. Retrieved from https:\/\/www.intel.com\/content\/www\/us\/en\/architecture-and-technology\/optane-technology\/delivering-new-levels-of-endurance-article-brief.html.","journal-title":"https:\/\/www.intel.com\/content\/www\/us\/en\/architecture-and-technology\/optane-technology\/delivering-new-levels-of-endurance-article-brief.html"},{"key":"e_1_3_3_17_2","article-title":"Intel SGX","year":"2020","unstructured":"Intel. 2020. Intel SGX. Retrieved from https:\/\/software.intel.com\/content\/www\/us\/en\/develop\/topics\/software-guard-extensions\/details.html.","journal-title":"https:\/\/software.intel.com\/content\/www\/us\/en\/develop\/topics\/software-guard-extensions\/details.html"},{"key":"e_1_3_3_18_2","doi-asserted-by":"publisher","DOI":"10.1109\/HPCA47549.2020.00048"},{"key":"e_1_3_3_19_2","doi-asserted-by":"publisher","DOI":"10.1145\/3307650.3322206"},{"key":"e_1_3_3_20_2","first-page":"19","article-title":"Memory bandwidth and machine balance in current high performance computers","author":"McCalpin John D.","year":"1995","unstructured":"John D. McCalpin. 1995. Memory bandwidth and machine balance in current high performance computers. Proceedings of the IEEE Computer Society Technical Committee on Computer Architecture Newsletter, 19\u201325.","journal-title":"Proceedings of the IEEE Computer Society Technical Committee on Computer Architecture Newsletter"},{"key":"e_1_3_3_21_2","article-title":"BEEBS: Open benchmarks for energy measurements on embedded platforms","author":"Pallister James","year":"2013","unstructured":"James Pallister, Simon Hollis, and Jeremy Bennett. 2013. BEEBS: Open benchmarks for energy measurements on embedded platforms. arXiv:1308.5174. Retrieved from https:\/\/arxiv.org\/abs\/1308.5174.","journal-title":"arXiv:1308.5174"},{"key":"e_1_3_3_22_2","doi-asserted-by":"publisher","DOI":"10.1109\/MICRO.2007.44"},{"key":"e_1_3_3_23_2","article-title":"Deprecating the PCOMMIT Instruction","author":"Rudoff Andy","year":"2016","unstructured":"Andy Rudoff. 2016. Deprecating the PCOMMIT Instruction. Retrieved from Software.Intel.com\/en-us\/blogs\/2016\/09\/12\/deprecate-pcommit-instruction, Intel Corp.","journal-title":"Software.Intel.com\/en-us\/blogs\/2016\/09\/12\/deprecate-pcommit-instruction, Intel Corp"},{"key":"e_1_3_3_24_2","doi-asserted-by":"publisher","DOI":"10.1145\/782814.782838"},{"key":"e_1_3_3_25_2","doi-asserted-by":"publisher","DOI":"10.1145\/2611765.2611774"},{"key":"e_1_3_3_26_2","doi-asserted-by":"publisher","DOI":"10.23919\/DATE.2018.8342089"},{"key":"e_1_3_3_27_2","doi-asserted-by":"publisher","DOI":"10.1109\/TVLSI.2019.2923004"},{"key":"e_1_3_3_28_2","doi-asserted-by":"publisher","DOI":"10.1145\/3394885.3431593"},{"key":"e_1_3_3_29_2","doi-asserted-by":"publisher","DOI":"10.1109\/ISVLSI.2017.45"},{"key":"e_1_3_3_30_2","doi-asserted-by":"publisher","DOI":"10.23919\/FPL.2017.8056797"},{"key":"e_1_3_3_31_2","article-title":"UG909 Vivado Partial Reconfiguration","year":"2018","unstructured":"Xilinx. 2018. UG909 Vivado Partial Reconfiguration. Retrieved from https:\/\/www.xilinx.com\/support\/documentation\/sw_manuals\/xilinx2018_1\/ug909-vivado-partial-reconfiguration.pdf.","journal-title":"https:\/\/www.xilinx.com\/support\/documentation\/sw_manuals\/xilinx2018_1\/ug909-vivado-partial-reconfiguration.pdf"},{"key":"e_1_3_3_32_2","doi-asserted-by":"publisher","DOI":"10.1145\/3381835"},{"key":"e_1_3_3_33_2","doi-asserted-by":"publisher","DOI":"10.1145\/3316781.3317869"},{"key":"e_1_3_3_34_2","volume-title":"Osiris: A Low-Cost Mechanism to Enable Restoration of Secure Non-Volatile Memories.","author":"Ye Mao","year":"2018","unstructured":"Mao Ye, Clayton Hughes, and Amro Awad. 2018. Osiris: A Low-Cost Mechanism to Enable Restoration of Secure Non-Volatile Memories.Technical Report. Sandia National Laboratory, Albuquerque, NM."},{"key":"e_1_3_3_35_2","first-page":"715","article-title":"DSPstone: A DSP-oriented benchmarking methodology","author":"Zivojnovic Vojin","year":"1994","unstructured":"Vojin Zivojnovic. 1994. DSPstone: A DSP-oriented benchmarking methodology. In Proceedings of the Signal Processing Applications & Technology Conference, 715\u2013720.","journal-title":"Proceedings of the Signal Processing Applications & Technology Conference"},{"key":"e_1_3_3_36_2","doi-asserted-by":"publisher","DOI":"10.1109\/ISVLSI.2019.00066"},{"key":"e_1_3_3_37_2","doi-asserted-by":"publisher","DOI":"10.1145\/3307650.3322252"},{"key":"e_1_3_3_38_2","doi-asserted-by":"publisher","DOI":"10.1145\/3352460.3358290"}],"container-title":["ACM Transactions on Embedded Computing Systems"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3492735","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3492735","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T19:30:53Z","timestamp":1750188653000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3492735"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,1,31]]},"references-count":37,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2022,1,31]]}},"alternative-id":["10.1145\/3492735"],"URL":"https:\/\/doi.org\/10.1145\/3492735","relation":{},"ISSN":["1539-9087","1558-3465"],"issn-type":[{"type":"print","value":"1539-9087"},{"type":"electronic","value":"1558-3465"}],"subject":[],"published":{"date-parts":[[2022,1,31]]},"assertion":[{"value":"2020-02-01","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2021-10-01","order":1,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2022-02-10","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}