English
Related papers

Related papers: Picking a CHERI Allocator: Security and Performanc…

200 papers

There is growing interest in securing the hardware foundations software stacks build upon. However, before making any investment decision, software and hardware supply chain stakeholders require evidence from realistic, multiple long-term…

Cryptography and Security · Computer Science 2025-04-28 Shamal Faily

The widespread deployment of embedded systems in critical infrastructures, interconnected edge devices like autonomous drones, and smart industrial systems requires robust security measures. Compromised systems increase the risks of…

Emerging Technologies · Computer Science 2025-07-08 Donato Ferraro , Andrea Bastoni , Alexander Zuepke , Andrea Marongiu

During our port of the MicroPython bytecode interpreter to the CHERI-based Arm Morello platform, we encountered a number of serious performance degradations. This paper explores several of these performance issues in detail, in each case we…

Programming Languages · Computer Science 2023-09-14 Duncan Lowther , Dejice Jacob , Jeremy Singer

Compartmentalization is a form of defensive software design in which an application is broken down into isolated but communicating components. Retrofitting compartmentalization into existing applications is often thought to be expensive…

Cryptography and Security · Computer Science 2023-09-22 John Alistair Kressel , Hugo Lefeuvre , Pierre Olivier

Memory corruption attacks have been prevalent in software for a long time. Some mitigation strategies against these attacks do exist, but they are not as far-reaching or as efficient as the CHERI architecture. CHERI uses capabilities to…

Cryptography and Security · Computer Science 2026-01-28 Dariy Guzairov , Alex Potanin , Stephen Kell , Alwen Tiu

A digital security-by-design computer architecture, like CHERI, lets you program without fear of buffer overflows or other memory safety errors, but CHERI also rewrites some of the assumptions about how C works and how fundamental types…

Cryptography and Security · Computer Science 2025-07-01 Maysara Alhindi , Joseph Hallett

MMU-less Linux variant lacks security because it does not have protection or isolation mechanisms. It also does not use MPUs as they do not fit with its software model because of the design drawbacks of MPUs (\ie coarse-grained protection…

Operating Systems · Computer Science 2024-01-19 Hesham Almatary , Alfredo Mazzinghi , Robert N. M. Watson

In spite of years of improvements to software security, heap-related attacks still remain a severe threat. One reason is that many existing memory allocators fall short in a variety of aspects. For instance, performance-oriented allocators…

Operating Systems · Computer Science 2017-09-26 Sam Silvestro , Hongyu Liu , Corey Crosser , Zhiqiang Lin , Tongping Liu

Memory-unsafe programming languages such as C and C++ are the preferred languages for systems programming, embedded systems, and performance-critical applications. The widespread use of these languages makes the risk of memory-related…

Cryptography and Security · Computer Science 2024-07-09 Sacha Ruchlejmer

Protecting data in memory from attackers continues to be a concern in computing systems. CHERI is a promising approach to achieve such protection, by providing and enforcing fine-grained memory protection directly in the hardware. Creating…

CHERI (Capability Hardware Enhanced RISC Instructions) is a novel hardware designed to address memory safety issues. By replacing traditional pointers with hardware capabilities, it enhances security in modern software systems. A Virtual…

Programming Languages · Computer Science 2026-03-09 Hanhaotian Liu , Tetsuro Yamazaki , Tomoharu Ugawa

This technical report describes a new extension to capability machines. Capability machines are a special type of processors that include better security primitives at the hardware level. In capability machines, every word has an associated…

Programming Languages · Computer Science 2020-06-03 Sander Huyghebaert , Thomas Van Strydonck , Steven Keuchel , Dominique Devriese

While the CHERI instruction-set architecture extensions for capabilities enable strong spatial memory safety, CHERI lacks built-in temporal safety, particularly for heap allocations. Prior attempts to augment CHERI with temporal safety fall…

Cryptography and Security · Computer Science 2026-02-11 Merve Gülmez , Ruben Sturm , Hossam ElAtali , Håkan Englund , Jonathan Woodruff , N. Asokan , Thomas Nyman

Up to 10% of memory-safety vulnerabilities in languages like C and C++ stem from uninitialized variables. This work addresses the prevalence and lack of adequate software mitigations for uninitialized memory issues, proposing architectural…

Cryptography and Security · Computer Science 2025-10-14 Merve Gülmez , Håkan Englund , Jan Tobias Mühlberg , Thomas Nyman

Timing-based side and covert channels in processor caches continue to be a threat to modern computers. This work shows for the first time a systematic, large-scale analysis of Arm devices and the detailed results of attacks the processors…

Cryptography and Security · Computer Science 2021-11-02 Shuwen Deng , Nikolay Matyunin , Wenjie Xiong , Stefan Katzenbeisser , Jakub Szefer

Capability machines such as CHERI provide memory capabilities that can be used by compilers to provide security benefits for compiled code (e.g., memory safety). The existing C to CHERI compiler, for example, achieves memory safety by…

Programming Languages · Computer Science 2021-05-05 Akram El-Korashy , Stelios Tsampas , Marco Patrignani , Dominique Devriese , Deepak Garg , Frank Piessens

Existing high-end embedded systems face frequent security attacks. Software compartmentalization is one technique to limit the attacks' effects to the compromised compartment and not the entire system. Unfortunately, the existing…

In this paper, we present PoisonCap: scalable temporal safety with strict use-after-free protection and initialisation safety for CHERI systems. Efficient memory safety is an increasing priority for programming languages, operating systems,…

Security is a growing problem that needs hardware support. Memristors provide an alternative technology for hardware-supported security implementation. This paper presents a specific technique that utilizes the benefits of hybrid…

Cryptography and Security · Computer Science 2024-02-16 Muayad J. Aljafar , Rasika Joshi , John M. Acken

Attacks on the microarchitecture of modern processors have become a practical threat to security and privacy in desktop and cloud computing. Recently, cache attacks have successfully been demonstrated on ARM based mobile devices, suggesting…

Cryptography and Security · Computer Science 2017-03-30 Marc Green , Leandro Rodrigues-Lima , Andreas Zankl , Gorka Irazoqui , Johann Heyszl , Thomas Eisenbarth
‹ Prev 1 2 3 10 Next ›