<p>Embedded software today is pervasive: they can be found everywhere, from coffee makers and medical devices, to cars and aircraft. Embedded software today is also open and connected to the Internet, exposing them to external attacks that can cause its Control-Flow Integrity (CFI) to be violated. Control-Flow Integrity is an important safety property of software, which ensures that the behavior of the software is not inadvertently changed. The violation of CFI in software can cause unintended behaviors, and can even lead to catastrophic incidents in safety-critical systems. This dissertation develops a two-part approach for CFI: (i) prescribing source-code safetychecks, that prevent the root-causes of CFI, that programmers can insert thems...
Memory corruption vulnerabilities, mainly present in C and C++ applications, may enable attackers to...
Control Flow Integrity (CFI) provides a strong protection against modern control-flow hijacking atta...
International audienceCyber-attacks are widely known to be a major threat on computing devi...
Current software attacks often build on exploits that subvert machine-code execution. The enforcemen...
Current software attacks often build on exploits that subvert machine-code execution. The enforcemen...
As existing defenses like ASLR, DEP, and stack cookies are not sufficient to stop determined attacke...
Abstract—As existing defenses like ALSR, DEP, and stack cookies are not sufficient to stop determine...
A popular software attack on a program is by transferring the program control to malicious code inse...
Control-Flow Integrity (CFI) is a popular technique to de- fend against State-of-the-Art exploits, b...
Embedded systems have become pervasive and are built into a vast number of devices such as sensors, ...
The pervasive presence of smart objects in almost every corner of our everyday life urges the securi...
The traditional system safety paradigm of isolating safety-critical functionality is no longer tenab...
Despite the intense efforts to prevent programmers from writing code with memory errors, memory corr...
Attacks on real-time embedded systems can endanger lives and critical infrastructure. Despite this, ...
Adversaries exploit memory corruption vulnerabilities to hijack a program's control flow and gain ar...
Memory corruption vulnerabilities, mainly present in C and C++ applications, may enable attackers to...
Control Flow Integrity (CFI) provides a strong protection against modern control-flow hijacking atta...
International audienceCyber-attacks are widely known to be a major threat on computing devi...
Current software attacks often build on exploits that subvert machine-code execution. The enforcemen...
Current software attacks often build on exploits that subvert machine-code execution. The enforcemen...
As existing defenses like ASLR, DEP, and stack cookies are not sufficient to stop determined attacke...
Abstract—As existing defenses like ALSR, DEP, and stack cookies are not sufficient to stop determine...
A popular software attack on a program is by transferring the program control to malicious code inse...
Control-Flow Integrity (CFI) is a popular technique to de- fend against State-of-the-Art exploits, b...
Embedded systems have become pervasive and are built into a vast number of devices such as sensors, ...
The pervasive presence of smart objects in almost every corner of our everyday life urges the securi...
The traditional system safety paradigm of isolating safety-critical functionality is no longer tenab...
Despite the intense efforts to prevent programmers from writing code with memory errors, memory corr...
Attacks on real-time embedded systems can endanger lives and critical infrastructure. Despite this, ...
Adversaries exploit memory corruption vulnerabilities to hijack a program's control flow and gain ar...
Memory corruption vulnerabilities, mainly present in C and C++ applications, may enable attackers to...
Control Flow Integrity (CFI) provides a strong protection against modern control-flow hijacking atta...
International audienceCyber-attacks are widely known to be a major threat on computing devi...