English
Related papers

Related papers: SpecCFA: Enhancing Control Flow Attestation/Auditi…

200 papers

The control flow graph (CFG) representation of a procedure used by virtually all flow-sensitive program analyses, admits a large number of infeasible control flow paths i.e., these paths do not occur in any execution of the program. Hence…

Software Engineering · Computer Science 2022-08-29 Komal Pathade , Uday Khedker

Control-flow leakage (CFL) attacks enable an attacker to expose control-flow decisions of a victim program via side-channel observations. Linearization (i.e., elimination) of secret-dependent control flow is the main countermeasure against…

Cryptography and Security · Computer Science 2025-02-12 Hans Winderix , Marton Bognar , Lesly-Ann Daniel , Frank Piessens

Data flow testing creates test requirements as definition-use (DU) associations, where a definition is a program location that assigns a value to a variable and a use is a location where that value is accessed. Data flow testing is…

Software Engineering · Computer Science 2021-01-18 Marcos Lordello Chaim , Kesina Baral , Jeff Offutt

Electromagnetic (EM) side-channel analysis (SCA) is a prominent tool to break mathematically-secure cryptographic engines, especially on resource-constrained IoT devices. Presently, to perform EM SCA on an embedded IoT device, the entire…

Cryptography and Security · Computer Science 2020-03-03 Josef Danial , Debayan Das , Santosh Ghosh , Arijit Raychowdhury , Shreyas Sen

Side-channel attacks such as Spectre that utilize speculative execution to steal application secrets pose a significant threat to modern computing systems. While program transformations can mitigate some Spectre attacks, more advanced…

Cryptography and Security · Computer Science 2019-03-27 Zhuojia Shen , Jie Zhou , Divya Ojha , John Criswell

In typical software, many comparisons and subsequent branch operations are highly critical in terms of security. Examples include password checks, signature checks, secure boot, and user privilege checks. For embedded devices, these…

Cryptography and Security · Computer Science 2018-03-23 Robert Schilling , Mario Werner , Stefan Mangard

CPU cache is a limited but crucial storage component in modern processors, whereas the cache timing side-channel may inadvertently leak information through the physically measurable timing variance. Speculative execution, an essential…

Cryptography and Security · Computer Science 2020-02-18 Shengjian Guo , Yueqi Chen , Peng Li , Yueqiang Cheng , Huibo Wang , Meng Wu , Zhiqiang Zuo

Growing code bases of modern applications have led to a steady increase in the number of vulnerabilities. Control-Flow Integrity (CFI) is one promising mitigation that is more and more widely deployed and prevents numerous exploits. CFI…

Cryptography and Security · Computer Science 2022-03-01 Claudio Canella , Sebastian Dorn , Daniel Gruss , Michael Schwarz

Formal verification and testing are complementary approaches which are used in the development process to verify the functional correctness of software. However, the correctness of software cannot ensure the safe operation of…

Software Engineering · Computer Science 2016-12-12 Asim Abdulkhaleq , Stefan Wagner , Nancy Leveson

The never-ending computational demand from simulations of turbulence makes computational fluid dynamics (CFD) a prime application use case for current and future exascale systems. High-order finite element methods, such as the spectral…

Distributed, Parallel, and Cluster Computing · Computer Science 2024-05-10 Martin Karp , Estela Suarez , Jan H. Meinke , Måns I. Andersson , Philipp Schlatter , Stefano Markidis , Niclas Jansson

Spectre attacks exploit microprocessor speculative execution to read and transmit forbidden data outside the attacker's trust domain and sandbox. Recent hardware schemes allow potentially-unsafe speculative accesses but prevent the secret's…

Hardware Architecture · Computer Science 2023-06-14 Conor Green , Cole Nelson , Mithuna Thottethodi , T. N. Vijaykumar

Speculative execution attacks undermine the security of constant-time programming, the standard technique used to prevent microarchitectural side channels in security-sensitive software such as cryptographic code. Constant-time code must…

Cryptography and Security · Computer Science 2023-12-18 Rutvik Choudhary , Alan Wang , Zirui Neil Zhao , Adam Morrison , Christopher W. Fletcher

Memory corruption vulnerabilities are still a severe threat for software systems. To thwart the exploitation of such vulnerabilities, many different kinds of defenses have been proposed in the past. Most prominently, Control-Flow Integrity…

Cryptography and Security · Computer Science 2020-07-09 Patrick Wollgast , Robert Gawlik , Behrad Garmany , Benjamin Kollenda , Thorsten Holz

Deploying new supercomputers requires testing and evaluation via application codes. Portable, user-friendly tools enable evaluation, and the Multicomponent Flow Code (MFC), a computational fluid dynamics (CFD) code, addresses this need. MFC…

Distributed, Parallel, and Cluster Computing · Computer Science 2025-11-19 Benjamin Wilfong , Anand Radhakrishnan , Henry A. Le Berre , Tanush Prathi , Stephen Abbott , Spencer H. Bryngelson

The recent Spectre attacks has demonstrated the fundamental insecurity of current computer microarchitecture. The attacks use features like pipelining, out-of-order and speculation to extract arbitrary information about the memory contents…

Cryptography and Security · Computer Science 2020-08-18 Roberto Guanciale , Musard Balliu , Mads Dam

Sensor networks are vulnerable to \emph{false data injection attack} and \emph{path-based DoS} (PDoS) attack. While conventional authentication schemes are insufficient for solving these security conflicts, an \emph{en-route filtering}…

Networking and Internet Architecture · Computer Science 2009-11-24 Chia-Mu Yu , Chun-Shien Lu , Sy-Yen Kuo

Physically Unclonable Functions (PUFs) are used for securing electronic devices across the implementation spectrum ranging from Field Programmable Gate Array (FPGA) to system on chips (SoCs). However, existing PUF implementations often…

Cryptography and Security · Computer Science 2023-03-31 Christopher Vega , Shubhra Deb Paul , Patanjali SLPSK , Swarup Bhunia

This work presents the first design, integration, and evaluation of the standard RISC-V extensions for Control-Flow Integrity (CFI). The Zicfiss and Zicfilp extensions aim at protecting the execution of a vulnerable program from…

Hardware Architecture · Computer Science 2026-02-16 Simone Manoni , Emanuele Parisi , Riccardo Tedeschi , Davide Rossi , Andrea Acquaviva , Andrea Bartolini

An essential part of cyber-physical systems is the online evaluation of real-time data streams. Especially in systems that are intrinsically safety-critical, a dedicated monitoring component inspecting data streams to detect problems at…

Distributed, Parallel, and Cluster Computing · Computer Science 2021-04-13 Jan Baumeister , Bernd Finkbeiner , Maximilian Schwenger , Hazem Torfah

Data-Flow Integrity (DFI) is a well-known approach to effectively detecting a wide range of software attacks. However, its real-world application has been quite limited so far because of the prohibitive performance overhead it incurs.…

Hardware Architecture · Computer Science 2021-11-30 Lang Feng , Jiayi Huang , Jeff Huang , Jiang Hu