Abstract | ||
---|---|---|
Control-Flow Integrity (CFI) is a class of defensive techniques against control-flow attacks such as Return-Oriented Programming. We propose a light-weight CFI scheme for RTOS-based applications, TZmCFI, which utilizes TrustZone for Armv8-M, a hardware-assisted security feature for embedded systems with tight resource constraints. TZmCFI embodies several existing CFI techniques to provide a comprehensive protection. The traditional shadow stack technique is used to ensure stack integrity and validate function returns. To protect exception handlers, TZmCFI extendsshadow exception stacks, which are a variant of the traditional shadow stack technique we proposed in our previous work, for RTOS integration and performance improvement. We conducted an experiment on Arm Versatile Express Cortex-M Prototyping System (V2M-MPS2+) to evaluate the run-time overhead of the proposed system. |
Year | DOI | Venue |
---|---|---|
2021 | 10.1007/s10766-020-00673-z | INTERNATIONAL JOURNAL OF PARALLEL PROGRAMMING |
Keywords | DocType | Volume |
Embedded systems, Control-flow attacks, Real-time operating systems, TrustZone | Journal | 49 |
Issue | ISSN | Citations |
2 | 0885-7458 | 0 |
PageRank | References | Authors |
0.34 | 0 | 4 |
Name | Order | Citations | PageRank |
---|---|---|---|
Tomoaki Kawada | 1 | 0 | 0.34 |
Shinya Honda | 2 | 244 | 29.54 |
Yutaka Matsubara | 3 | 13 | 5.48 |
Hiroaki Takada | 4 | 608 | 87.55 |