Fast Execute-Only Memory for Embedded Systems
Remote code disclosure attacks threaten embedded systems as they allow attackers to steal intellectual property or to find reusable code for use in control-flow hijacking attacks. Execute-only memory (XOM) prevents remote code disclosures, but existing XOM solutions either require a memory management unit that is not available on ARM embedded systems or incur significant overhead. We present PicoXOM: a fast and novel XOM system for ARMv7-M and ARMv8-M devices which leverages ARM's Data Watchpoint and Tracing unit along with the processor's simplified memory protection hardware. On average, PicoXOM incurs 0.33 and five real-world applications.
READ FULL TEXT