当前位置：网站首页>Research on system and software security (I)

Research on system and software security (I)

2022-04-23 08:01:00 【Xihang】

Holistic Control-Flow Protection on Real-Time Embedded Systems with Kage

usenix secrity 2022

abstract

This paper presents Kage: a system that protects the control data of both application and kernel code on microcontroller-based embedded systems.

Kage consists of a Kage-compliant embedded OS that stores all control data in seqarate memory regions from untrusted data, a compiler that transforms code to protect these memory regions efficiently and to add forwardedge control-flow integrity checks, and a secure API that allows safe updates to the protectd data.

We implemented Kage as an extension to FreeRTOS, an embedded real-time operating system. We evaluated Kage’s performance using the CoreMark benchmark.

Kage incurred a 5.2% average run-time overhead and 49.8% code size overhead.

Further

版权声明
本文为[Xihang]所创，转载请带上原文链接，感谢
https://yzsam.com/2022/04/202204230625153737.html