Research article (open access), ASPLOS conference proceedings. DOI: 10.1145/2694344.2694383

Architectural Support for Software-Defined Metadata Processing

Published: 14 March 2015

Abstract

Optimized hardware for propagating and checking software-programmable metadata tags can achieve low runtime overhead. We generalize prior work on hardware tagging by considering a generic architecture that supports software-defined policies over metadata of arbitrary size and complexity; we introduce several novel microarchitectural optimizations that keep the overhead of this rich processing low. Our model thus achieves the efficiency of previous hardware-based approaches with the flexibility of the software-based ones. We demonstrate this by using it to enforce four diverse safety and security policies---spatial and temporal memory safety, taint tracking, control-flow integrity, and code and data separation---plus a composite policy that enforces all of them simultaneously. Experiments on SPEC CPU2006 benchmarks with a PUMP-enhanced RISC processor show modest impact on runtime (typically under 10%) and power ceiling (less than 10%), in return for some increase in energy usage (typically under 60%) and area for on-chip memory structures (110%).
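The abstract describes hardware that propagates and checks software-programmable metadata tags under a policy defined in software. The following is an added illustration written for this page, not code from the paper or its authors: a toy tag-propagating interpreter in which every register and memory word carries a tag, each instruction's tag inputs form a key that is looked up in a rule cache, and a software "miss handler" computes the policy's answer when the cache has none. The instruction set, the six-field rule key, the taint labels and the rule that a tainted value may not supply an indirect jump target are all assumptions made for this example; the sample machine state is constructed.

```python
"""Toy model of software-defined metadata processing: registers and memory words
carry tags, each instruction's tag inputs form a rule-cache key, and a software
miss handler (the policy) fills the cache. Constructed illustration: the
instruction set, tag encoding and policy are assumptions, not the paper's design."""
from dataclasses import dataclass, field

CLEAN = frozenset()   # empty label set: data nobody has tainted

class PolicyViolation(Exception):
    """Raised by the miss handler when the policy rejects an instruction."""

def taint_policy(opgroup, pc_tag, ci_tag, op1_tag, op2_tag, mr_tag):
    """Software miss handler: rule key -> (new pc tag, result tag). Assumed policy:
    taint labels flow through ALU ops, loads and stores; a tainted register may
    never supply an indirect jump target. pc_tag and ci_tag pass through unchanged."""
    if opgroup == "alu":
        return pc_tag, op1_tag | op2_tag
    if opgroup == "load":      # loaded word: memory tag plus pointer taint
        return pc_tag, mr_tag | op1_tag
    if opgroup == "store":     # stored word takes the tag of the value register
        return pc_tag, op1_tag
    if opgroup == "jmpr":
        if op1_tag:
            raise PolicyViolation(f"tainted jump target: {sorted(op1_tag)}")
        return pc_tag, CLEAN
    raise PolicyViolation(f"no rule for opgroup {opgroup!r}")

@dataclass
class Machine:
    regs: dict                 # register name -> (value, tag)
    mem: dict                  # address -> (value, tag)
    pc: int = 0
    pc_tag: frozenset = CLEAN
    cache: dict = field(default_factory=dict)   # rule key -> (pc_tag, result_tag)
    hits: int = 0
    misses: int = 0

    def resolve(self, key):
        """Rule-cache lookup; on a miss, run the policy and install its answer."""
        if key in self.cache:
            self.hits += 1
            return self.cache[key]
        self.misses += 1
        result = taint_policy(*key)        # may raise PolicyViolation
        self.cache[key] = result
        return result

    def step(self, ins):
        """Execute one instruction; every instruction word is tagged CLEAN (ci_tag)."""
        op = ins[0]
        if op == "add":                        # add rd, rs1, rs2
            _, rd, rs1, rs2 = ins
            (v1, t1), (v2, t2) = self.regs[rs1], self.regs[rs2]
            self.pc_tag, rt = self.resolve(("alu", self.pc_tag, CLEAN, t1, t2, CLEAN))
            self.regs[rd] = (v1 + v2, rt)
        elif op == "load":                     # load rd, [ra]
            _, rd, ra = ins
            addr, ta = self.regs[ra]
            mv, mt = self.mem.get(addr, (0, CLEAN))
            self.pc_tag, rt = self.resolve(("load", self.pc_tag, CLEAN, ta, CLEAN, mt))
            self.regs[rd] = (mv, rt)
        elif op == "store":                    # store rv, [ra]
            _, rv, ra = ins
            (v, tv), (addr, ta) = self.regs[rv], self.regs[ra]
            old_tag = self.mem.get(addr, (0, CLEAN))[1]
            self.pc_tag, rt = self.resolve(("store", self.pc_tag, CLEAN, tv, ta, old_tag))
            self.mem[addr] = (v, rt)
        elif op == "jmpr":                     # jmpr rs: indirect jump through rs
            _, rs = ins
            target, ts = self.regs[rs]
            self.pc_tag, _ = self.resolve(("jmpr", self.pc_tag, CLEAN, ts, CLEAN, CLEAN))
            self.pc = target
            return
        self.pc += 1

    def run(self, program):
        while 0 <= self.pc < len(program):     # stops when the pc leaves the program
            self.step(program[self.pc])

def run_program(program, regs, mem):
    """Run to completion; returns (machine, violation message or None)."""
    m = Machine(regs=dict(regs), mem=dict(mem))
    try:
        m.run(program)
        return m, None
    except PolicyViolation as exc:
        return m, str(exc)

# Constructed sample state: address 100 holds a word read from untrusted input.
INIT_REGS = {"r0": (0, CLEAN), "r1": (100, CLEAN), "r3": (3, CLEAN), "r4": (200, CLEAN)}
INIT_MEM = {100: (7, frozenset({"input"}))}
# Taint flows input -> r2 -> r3 -> mem[200] -> r5, and r5 then supplies a jump target.
TAINTED_JUMP = [("load", "r2", "r1"), ("add", "r3", "r2", "r0"), ("store", "r3", "r4"),
                ("load", "r5", "r4"), ("jmpr", "r5")]
# Same rules on clean data: the jump target is computed from clean registers only.
CLEAN_JUMP = [("add", "r2", "r3", "r0"), ("jmpr", "r2"), ("add", "r2", "r2", "r2")]

if __name__ == "__main__":
    for name, prog in (("tainted", TAINTED_JUMP), ("clean", CLEAN_JUMP)):
        m, err = run_program(prog, INIT_REGS, INIT_MEM)
        print(f"{name}: {err or 'ok'}; rule cache hits={m.hits} misses={m.misses}")
```

Two things are worth noticing when running it. First, the policy is ordinary software: swapping `taint_policy` for another function changes what the same machine enforces, which is the sense in which the tags are "software-defined". Second, the second `load` in the tainted program presents a rule key identical to the first one and is served from the cache without calling the policy at all; on real workloads the number of distinct keys is small relative to the number of instructions executed, which is why a rule cache keeps the cost of policy evaluation off the common path.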




Published In

ASPLOS '15: Proceedings of the Twentieth International Conference on Architectural Support for Programming Languages and Operating Systems
March 2015, 720 pages
ISBN: 9781450328357
DOI: 10.1145/2694344

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Publisher

Association for Computing Machinery, New York, NY, United States


Author Tags

  1. CFI
  2. memory safety
  3. metadata
  4. security
  5. tagged architecture
  6. taint tracking

Qualifiers

  • Research-article

Funding Sources

  • DARPA CRASH through ARFL

Conference

ASPLOS '15

Acceptance Rates

ASPLOS '15 paper acceptance rate: 48 of 287 submissions, 17%
Overall acceptance rate: 535 of 2,713 submissions, 20%

Article Metrics

  • Downloads (last 12 months): 488
  • Downloads (last 6 weeks): 48

Reflects downloads up to 18 Nov 2024.
Cited By

  • A Parallel Tag Cache for Hardware Managed Tagged Memory in Multicore Processors. IEEE Transactions on Computers, 73(11):2488-2503, Nov. 2024. DOI: 10.1109/TC.2024.3441835
  • sNPU: Trusted Execution Environments on Integrated NPUs. In 2024 ACM/IEEE 51st Annual International Symposium on Computer Architecture (ISCA), pages 708-723, 29 June 2024. DOI: 10.1109/ISCA59077.2024.00057
  • d-GUARD: Thwarting Denial-of-Service Attacks via Hardware Monitoring of Information Flow using Language Semantics in Embedded Systems. In 2024 29th Asia and South Pacific Design Automation Conference (ASP-DAC), pages 939-944, 22 Jan. 2024. DOI: 10.1109/ASP-DAC58780.2024.10473945
  • Accelerating Extra Dimensional Page Walks for Confidential Computing. In Proceedings of the 56th Annual IEEE/ACM International Symposium on Microarchitecture, pages 654-669, 28 Oct. 2023. DOI: 10.1145/3613424.3614293
  • ZOMETAG: Zone-Based Memory Tagging for Fast, Deterministic Detection of Spatial Memory Violations on ARM. IEEE Transactions on Information Forensics and Security, 18:4915-4928, 2023. DOI: 10.1109/TIFS.2023.3299454
  • ProMiSE: A High-Performance Programmable Hardware Monitor for High Security Enforcement of Software Execution. IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems, 42(11):3599-3612, Nov. 2023. DOI: 10.1109/TCAD.2023.3271583
  • Control Flow and Pointer Integrity Enforcement in a Secure Tagged Architecture. In 2023 IEEE Symposium on Security and Privacy (SP), pages 2974-2989, May 2023. DOI: 10.1109/SP46215.2023.10179416
  • EC: Embedded Systems Compartmentalization via Intra-Kernel Isolation. In 2023 IEEE Symposium on Security and Privacy (SP), pages 2990-3007, May 2023. DOI: 10.1109/SP46215.2023.10179285
  • DAGGER: Exploiting Language Semantics for Program Security in Embedded Systems. In 2023 24th International Symposium on Quality Electronic Design (ISQED), pages 1-7, 5 Apr. 2023. DOI: 10.1109/ISQED57927.2023.10129334
  • Hardware-Based Software Control Flow Integrity: Review on the State-of-the-Art Implementation Technology. IEEE Access, 11:133255-133280, 2023. DOI: 10.1109/ACCESS.2023.3337043
