English
Related papers

Related papers: Uninitialized Capabilities

200 papers

Up to 10% of memory-safety vulnerabilities in languages like C and C++ stem from uninitialized variables. This work addresses the prevalence and lack of adequate software mitigations for uninitialized memory issues, proposing architectural…

Cryptography and Security · Computer Science 2025-10-14 Merve Gülmez , Håkan Englund , Jan Tobias Mühlberg , Thomas Nyman

Capability machines such as CHERI provide memory capabilities that can be used by compilers to provide security benefits for compiled code (e.g., memory safety). The existing C to CHERI compiler, for example, achieves memory safety by…

Programming Languages · Computer Science 2021-05-05 Akram El-Korashy , Stelios Tsampas , Marco Patrignani , Dominique Devriese , Deepak Garg , Frank Piessens

CHERI-C extends the C programming language by adding hardware capabilities, ensuring a certain degree of memory safety while remaining efficient. Capabilities can also be employed for higher-level security measures, such as software…

Logic in Computer Science · Computer Science 2023-04-26 Seung Hoon Park , Rekha Pai , Tom Melham

Capability-based memory isolation is a promising new architectural primitive. Software can access low-level memory only via capability handles rather than raw pointers, which provides a natural interface to enforce security restrictions.…

Cryptography and Security · Computer Science 2023-03-10 Jason Zhijingcheng Yu , Conrad Watt , Aditya Badole , Trevor E. Carlson , Prateek Saxena

A digital security-by-design computer architecture, like CHERI, lets you program without fear of buffer overflows or other memory safety errors, but CHERI also rewrites some of the assumptions about how C works and how fundamental types…

Cryptography and Security · Computer Science 2025-07-01 Maysara Alhindi , Joseph Hallett

CHERI (Capability Hardware Enhanced RISC Instructions) is a novel hardware designed to address memory safety issues. By replacing traditional pointers with hardware capabilities, it enhances security in modern software systems. A Virtual…

Programming Languages · Computer Science 2026-03-09 Hanhaotian Liu , Tetsuro Yamazaki , Tomoharu Ugawa

Despite the numerous efforts of security researchers, memory vulnerabilities remain a top issue for modern computing systems. Capability-based solutions aim to solve whole classes of memory vulnerabilities at the hardware level by encoding…

Hardware Architecture · Computer Science 2022-08-23 Alan Ehret , Jacob Abraham , Mihailo Isakov , Michel A. Kinsy

A key feature in trusted computing is attestation, which allows encapsulated components (enclaves) to prove their identity to (local or remote) distrusting components. Reasoning about software that uses the technique requires tracking how…

Programming Languages · Computer Science 2026-04-17 June Rousseau , Denis Carnier , Thomas Van Strydonck , Steven Keuchel , Dominique Devriese , Lars Birkedal

Quantifying the "capability" of a manufacturing process is an important initial step in any quality improvement program. Capability is usually defined in dictionaries as "the ability to carry out a task, to achieve an objective". Process…

Applications · Statistics 2015-03-25 Mahendra Saha , Sudhansu S. Maiti

In-process compartmentalization and access control have been actively explored to provide in-place and efficient isolation of in-process security domains. Many works have proposed compartmentalization schemes that leverage hardware…

Cryptography and Security · Computer Science 2023-09-21 Kha Dinh Duy , Kyuwon Cho , Taehyun Noh , Hojoon Lee

Protecting data in memory from attackers continues to be a concern in computing systems. CHERI is a promising approach to achieve such protection, by providing and enforcing fine-grained memory protection directly in the hardware. Creating…

Generative AI techniques have opened the path for new generations of machines in diverse domains. These machines have various capabilities for example, they can produce images, generate answers or stories, and write codes based on the…

Artificial Intelligence · Computer Science 2023-07-18 Nitisha Aggarwal , Geetika Jain Saxena , Sanjeev Singh , Amit Pundir

The widespread deployment of embedded systems in critical infrastructures, interconnected edge devices like autonomous drones, and smart industrial systems requires robust security measures. Compromised systems increase the risks of…

Emerging Technologies · Computer Science 2025-07-08 Donato Ferraro , Andrea Bastoni , Alexander Zuepke , Andrea Marongiu

In this paper, we present PoisonCap: scalable temporal safety with strict use-after-free protection and initialisation safety for CHERI systems. Efficient memory safety is an increasing priority for programming languages, operating systems,…

Process capability index (PCI) is a commonly used statistic to measure ability of a process to operate within the given specifications or to produce products which meet the required quality specifications. PCI can be univariate or…

Applications · Statistics 2018-11-19 Deovrat Kakde , Arin Chaudhuri , Diana Shaw

While the CHERI instruction-set architecture extensions for capabilities enable strong spatial memory safety, CHERI lacks built-in temporal safety, particularly for heap allocations. Prior attempts to augment CHERI with temporal safety fall…

Cryptography and Security · Computer Science 2026-02-11 Merve Gülmez , Ruben Sturm , Hossam ElAtali , Håkan Englund , Jonathan Woodruff , N. Asokan , Thomas Nyman

Lack of memory-safety and exposure to side channels are two prominent, persistent challenges for the secure implementation of software. Memory-safe programming languages promise to significantly reduce the prevalence of memory-safety bugs,…

Cryptography and Security · Computer Science 2025-09-19 Hossam ElAtali , Merve Gülmez , Thomas Nyman , N. Asokan

AI agents that interact with the real world through tool calls pose fundamental safety challenges: agents might leak private information, cause unintended side effects, or be manipulated through prompt injection. To address these…

Artificial Intelligence · Computer Science 2026-05-29 Martin Odersky , Yaoyu Zhao , Yichen Xu , Oliver Bračevac , Cao Nguyen Pham

The efficiency of an AI system is contingent upon its ability to align with the specified requirements of a given task. How-ever, the inherent complexity of tasks often introduces the potential for harmful implications or adverse actions.…

Computers and Society · Computer Science 2023-12-08 Kamalakar Karlapalem

MMU-less Linux variant lacks security because it does not have protection or isolation mechanisms. It also does not use MPUs as they do not fit with its software model because of the design drawbacks of MPUs (\ie coarse-grained protection…

Operating Systems · Computer Science 2024-01-19 Hesham Almatary , Alfredo Mazzinghi , Robert N. M. Watson
‹ Prev 1 2 3 10 Next ›