Date of Award
Master of Science (MS)
Devices built on embedded systems are widely used in our daily lives. Nowadays, firmware typically uses C and C++ for efficiency and durability. However, those languages are unsafe which can lead to many software and system security issues. Attackers can easily corrupt a system by issuing various memory corruption attacks on a vulnerable program. Control-flow integrity is one of the most prevalent mechanisms used to protect against memory corruption. Most research papers and prototypes focus on using CFI on high-performance chips such as Intel and ARM Cortex-A. However, many embedded systems targeting time critical services are built on resource constrained devices. Many mechanisms cannot work, or have large runtime overhead, when been applied to those embedded systems. This paper presents work applying a CFI policy on resource constrained systems while sustaining security guarantees. We propose a mechanism for applying control-flow integrity in real-time embedded systems to mitigate memory corruption attacks.
Christopher Gill, Sanjoy Baruah