Visible to the public Control-Flow Integrity for Real-Time Operating Systems: Open Issues and Challenges

Submitted by aekwall on Mon, 03/14/2022 - 1:35pm
TitleControl-Flow Integrity for Real-Time Operating Systems: Open Issues and Challenges
Publication TypeConference Paper
Year of Publication2021
AuthorsMoghadam, Vahid Eftekhari, Meloni, Marco, Prinetto, Paolo
Conference Name2021 IEEE East-West Design Test Symposium (EWDTS)
Date Publishedsep
KeywordsBuffer overflows, code-reuse attacks, codes, composability, control-flow integrity, cybersecurity, Embedded systems, Focusing, Hardware, human factors, Operating systems, pubcrawl, Real-time Systems, Resiliency, ROP, rop attacks, Scalability, security, Software
AbstractThe pervasive presence of smart objects in almost every corner of our everyday life urges the security of such embedded systems to be the point of attention. Memory vulnerabilities in the embedded program code, such as buffer overflow, are the entry point for powerful attack paradigms such as Code-Reuse Attacks (CRAs), in which attackers corrupt systems' execution flow and maliciously alter their behavior. Control-Flow Integrity (CFI) has been proven to be the most promising approach against such kinds of attacks, and in the literature, a wide range of flow monitors are proposed, both hardware-based and software-based. While the formers are hardly applicable as they impose design alteration of underlying hardware modules, on the contrary, software solutions are more flexible and also portable to the existing devices. Real-Time Operating Systems (RTOS) and their key role in application development for embedded systems is the main concern regarding the application of the CFI solutions.This paper discusses the still open challenges and issues regarding the implementation of control-flow integrity policies on operating systems for embedded systems, analyzing the solutions proposed so far in the literature, highlighting possible limits in terms of performance, applicability, and protection coverage, and proposing possible improvement directions.
DOI10.1109/EWDTS52692.2021.9581003
Citation Keymoghadam_control-flow_2021
Groups: