This work addresses the significant CPU utilization degradation in existing Control-Flow Attestation (CFAud) architectures caused by "busy-waiting" during evidence transmission. To resolve this issue, the authors propose CARAMEL, a hardware-software co-designed architecture featuring a lightweight, self-contained Root of Trust (RoT) and a dedicated communication interface. CARAMEL decouples evidence transmission from main program execution without compromising security, thereby eliminating resource contention between attestation and application tasks. The proposed approach substantially improves CPU utilization while incurring minimal hardware overhead. The implementation and evaluation code have been open-sourced to facilitate reproducibility and further research.

Micro-Controller Units (MCUs) are widely used in safety-critical systems, making them attractive targets for attacks. This calls for lightweight defenses that remain effective despite software compromise. Control Flow Auditing (CFAud) is one such mechanism wherein a remote verifier (Vrf) is guaranteed to received evidence about the control flow path taken on a prover (Prv) MCU, even when Prv software is compromised. Despite promising benefits, current CFAud architectures unfortunately require a ``busy-wait'' phase where a hardware-anchored root-of-trust (RoT) in Prv retains execution control to ensure delivery of control flow evidence to Vrf. This drastically reduces the CPU utilization on Prv. In this work, we addresses this limitation with an architecture for Contention Avoidance in Runtime Auditing with Minimized Execution Latency (CARAMEL). CARAMEL is a hardware-software RoT co-design that enables Prv applications to resume while control flow evidence is transmitted to Vrf. This significantly reduces contention due to transmission delays and improves CPU utilization without giving up on security. Key to CARAMEL is our design of a new RoT with a self-contained (and minimal) dedicated communication interface. CARAMEL's implementation and accompanying evaluation are made open-source. Our results show substantially improved CPU utilization at a modest hardware cost.