International audienceFault injections are increasingly used to attack/test secure applications. In this paper, we define formal models of runtime monitors that can detect fault injections that result in test inversion attacks and arbitrary jumps in the control flow. Runtime verification monitors offer several advantages. The code implementing a monitor is small compared to the entire application code. Monitors have a formal semantics; and we prove that they effectively detect attacks. Each monitor is a module dedicated to detecting an attack and can be deployed as needed to secure the application. A monitor can run separately from the application or it can be weaved inside the application. Our monitors have been validated by detecting simu...
International audienceFault injection is a well known method to test the robustness and security vul...
A runtime monitor checks a safety property during a pro-gram’s execution. A parameterized runtime mo...
The lack of memory safety in C/C++ often leads to vulnerabilities. Code injection attacks exploit th...
International audienceFault injections are increasingly used to attack/test secure applications. In ...
Formal methods have been used to establish the idea of safety and monitorable properties. Drawing fr...
We introduce a run-time security monitor for embedded system applications that detects both known an...
AbstractRuntime verification permits checking system properties that cannot be fully verified off-li...
Software Testing is the process used to assure the correctness, completeness, performance, security ...
Runtime verification permits checking system properties that cannot be fully verified o#-line. This ...
Funding Information: *Part of Cardoso’s and Fisher’s work was supported by The Royal Academy of Engi...
Critical real-time systems have become a popular target for cyber attacks. Attack vectors exist all ...
Abstract. Runtime monitoring aims at ensuring program safety by monitoring the program’s behaviour d...
A large portion of the software development industry relies on testing as the main technique for qua...
In this paper, we describe a program monitor which is able to capture runtime instruction sequences ...
Constructing trustworthy computer systems requires validating that every executed piece of code is g...
International audienceFault injection is a well known method to test the robustness and security vul...
A runtime monitor checks a safety property during a pro-gram’s execution. A parameterized runtime mo...
The lack of memory safety in C/C++ often leads to vulnerabilities. Code injection attacks exploit th...
International audienceFault injections are increasingly used to attack/test secure applications. In ...
Formal methods have been used to establish the idea of safety and monitorable properties. Drawing fr...
We introduce a run-time security monitor for embedded system applications that detects both known an...
AbstractRuntime verification permits checking system properties that cannot be fully verified off-li...
Software Testing is the process used to assure the correctness, completeness, performance, security ...
Runtime verification permits checking system properties that cannot be fully verified o#-line. This ...
Funding Information: *Part of Cardoso’s and Fisher’s work was supported by The Royal Academy of Engi...
Critical real-time systems have become a popular target for cyber attacks. Attack vectors exist all ...
Abstract. Runtime monitoring aims at ensuring program safety by monitoring the program’s behaviour d...
A large portion of the software development industry relies on testing as the main technique for qua...
In this paper, we describe a program monitor which is able to capture runtime instruction sequences ...
Constructing trustworthy computer systems requires validating that every executed piece of code is g...
International audienceFault injection is a well known method to test the robustness and security vul...
A runtime monitor checks a safety property during a pro-gram’s execution. A parameterized runtime mo...
The lack of memory safety in C/C++ often leads to vulnerabilities. Code injection attacks exploit th...