A Comprehensive and Cross-Platform Test Suite for Memory Safety – Towards an Open Framework for Testing Processor Hardware Supported Security Extensions

11/28/2021
by   Wei Song, et al.
0

Memory safety remains a critical and widely violated property in reality. Numerous defense techniques have been proposed and developed but most of them are not applied or enabled by default in production-ready environment due to their substantial running cost. The situation might change in the near future because the hardware supported defenses against these attacks are finally beginning to be adopted by commercial processors, operating systems and compilers. We then face a question as there is currently no suitable test suite to measure the memory safety extensions supported on different processors. In fact, the issue is not constrained only for memory safety but all aspect of processor security. All of the existing test suites related to processor security lack some of the key properties, such as comprehensiveness, distinguishability and portability. As an initial step, we propose an expandable test framework for measuring the processor security and open source a memory safety test suite utilizing this framework. The framework is deliberately designed to be flexible so it can be gradually extended to all types of hardware supported security extensions in processors. The initial test suite for memory safety currently contains 160 test cases covering spatial and temporal safety of memory, memory access control, pointer integrity and control-flow integrity. Each type of vulnerabilities and their related defenses have been individually evaluated by one or more test cases. The test suite has been ported to three different instruction set architectures (ISAs) and experimented on six different platforms. We have also utilized the test suite to explore the security benefits of applying different sets of compiler flags available on the latest GNU GCC and LLVM compilers.

READ FULL TEXT

page 1

page 2

page 3

page 4

research
07/27/2020

SPAM: Stateless Permutation of Application Memory

In this paper, we propose the Stateless Permutation of Application Memor...
research
02/17/2022

PACSafe: Leveraging ARM Pointer Authentication for Memory Safety in C/C++

Memory safety bugs remain in the top ranks of security vulnerabilities, ...
research
08/05/2023

RV-CURE: A RISC-V Capability Architecture for Full Memory Safety

Despite decades of efforts to resolve, memory safety violations are stil...
research
08/30/2019

Porting of eChronos RTOS on RISC-V Architecture

eChronos is a formally verified Real Time Operating System(RTOS) designe...
research
03/27/2023

Picking a CHERI Allocator: Security and Performance Considerations

Several open-source memory allocators have been ported to CHERI, a hardw...
research
07/19/2021

A Non-invasive Technique to Detect Authentic/Counterfeit SRAM Chips

Many commercially available memory chips are fabricated worldwide in unt...
research
08/01/2020

Custom Tailored Suite of Random Forests for Prefetcher Adaptation

To close the gap between memory and processors, and in turn improve perf...

Please sign up or login with your details

Forgot password? Click here to reset