FastCFI: Real-time Control-Flow Integrity Using FPGA without Code Instrumentation

2021, Vol 26 (5), pp. 1-39
Author(s): Lang Feng, Jeff Huang, Jiang Hu, Abhijith Reddy

Control-Flow Integrity (CFI) is an effective defense technique against a variety of memory-based cyber attacks. CFI is usually enforced through software methods, which entail considerable performance overhead. Hardware-based CFI techniques can largely avoid performance overhead, but typically rely on code instrumentation, forming a non-trivial hurdle to the application of CFI. Taking advantage of the tradeoff between computing efficiency and flexibility of FPGA, we develop FastCFI, an FPGA-based CFI system that can perform fine-grained and stateful checking without code instrumentation. We also propose an automated Verilog generation technique that facilitates fast deployment of FastCFI, and a compression algorithm for reducing the hardware expense. Experiments on popular benchmarks confirm that FastCFI can detect fine-grained CFI violations over unmodified binaries, while incurring an average of 0.36% overhead and a maximum of 2.93% overhead.


Author(s): Christoph Spang, Yannick Lavan, Marco Hartmann, Florian Meisel, Andreas Koch

Abstract: The Dynamic Execution Integrity Engine (DExIE) is a lightweight hardware monitor that can be flexibly attached to many IoT-class processor pipelines. It is guaranteed to catch both inter- and intra-function illegal control flows in time to prevent any illegal instructions from touching memory. The performance impact of attaching DExIE to a core depends on the concrete pipeline structure. In some especially suitable cases, extending a processor with DExIE will have no performance penalty. DExIE is real-time capable, as it causes no or only up to 10.4% additional and then predictable pipeline stalls. Depending on the monitored processor’s size and structure, DExIE is faster than software-based monitoring and often smaller than a separate guard processor. We present not just the hardware architecture, but also the automated programming flow, and discuss compact adaptable storage formats to hold fine-grained control flow information.


2012, pp. 577-593
Author(s): Gen’ichi Yasuda

This chapter deals with modeling, simulation, and implementation problems encountered in robotic manufacturing control systems. Extended Petri nets are adopted as a prototyping tool for expressing real-time control of robotic systems and a systematic method based on hierarchical Petri nets is described for their direct implementation. A coordination mechanism is introduced to coordinate the event activities of the distributed machine controllers through firability tests of shared global transitions. The proposed prototyping method allows a direct coding of the inter-task cooperation by robots and intelligent machines from the conceptual Petri net specification, so that it increases the traceability and the understanding of the control flow of a parallel application specified by a net model. This approach can be integrated with off-the-shelf real-time executives. Control software using multithreaded programming is demonstrated to show the effectiveness of the proposed method.


1995, Vol 34 (05), pp. 475-488
Author(s): B. Seroussi, J. F. Boisvieux, V. Morice

Abstract: The monitoring and treatment of patients in a care unit is a complex task in which even the most experienced clinicians can make errors. A hemato-oncology department in which patients undergo chemotherapy asked for a computerized system able to provide intelligent and continuous support in this task. One issue in building such a system is the definition of a control architecture able to manage, in real time, a treatment plan containing prescriptions and protocols in which temporal constraints are expressed in various ways, that is, which supervises the treatment, including controlling the timely execution of prescriptions and suggesting modifications to the plan according to the patient’s evolving condition. The system to solve these issues, called SEPIA, has to manage the dynamic processes involved in patient care. Its role is to generate, in real time, commands for the patient’s care (execution of tests, administration of drugs) from a plan, and to monitor the patient’s state so that it may propose actions updating the plan. The necessity of an explicit time representation is shown. We propose using a linear time structure towards the past, with precise and absolute dates, open towards the future, and with imprecise and relative dates. Temporal relative scales are introduced to facilitate knowledge representation and access.

