Skip to main content
SpringerLink
Log in
Book cover

International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing

IMIS 2017: Innovative Mobile and Internet Services in Ubiquitous Computing pp 321–329Cite as

EE-CFI: Externalized Control Flow Integrity for Embedded Devices

  • Conference paper
  • First Online:

  • 1812 Accesses

Part of the book series: Advances in Intelligent Systems and Computing ((AISC,volume 612))

Abstract

Embedded devices typically offer weak hardware and software security and yet they are often used to achieve critical tasks. Several attacks (such as buffer overflow) can bypass the default program’s behaviour and lead to arbitrary code execution. To tackle this problem, CFI (Control Flow Integrity) can be used at the cost of a significant overhead, which may not fit the embedded world’s constraints. In this paper we discuss EE-CFI, an Externalized and Embedded CFI solution. EE-CFI is based on the instrumentation of source-code to produce a trace of its execution path. This trace is validated by an external monitor, responsible for verifying that the code path is legitimate with regard to the CFG (Control Flow Graph) extracted at compilation time. This solution uses LLVM and is designed to be compatible with embedded constraints and adaptable to the heterogeneity of embedded devices.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   259.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   329.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

References

  1. Abadi, M., Budiu, M., Erlingsson, Ú., Ligatti, J.: Control-flow integrity. In: Proceedings of the 12th ACM Conference on Computer and Communications Security, CCS 2005, pp. 340–353. ACM, New York (2005). doi:10.1145/1102120.1102165

  2. Mashtizadeh, A.J., Bittau, A., Boneh, D., Mazières, D.: CCFI: cryptographically enforced control flow integrity. In: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, CCS 2015, pp. 941–951. ACM, New York (2015). doi:10.1145/2810103.2813676

  3. Mohan, V., Larsen, P., Brunthaler, S., Hamlen, K.W., Franz, M.: Opaque control-flow integrity. In: Internet Society (2015). doi:10.14722/ndss.2015.23271

  4. Coudray, T., Fontaine, A., Chifflier, P.: PICON: Control Flow Integrity on LLVM IR

    Google Scholar 

  5. Carlini, N., Barresi, A., Payer, M., Wagner, D., Gross, T.R.: Control-flow bending: on the effectiveness of control-flow integrity, pp. 161–76 (2015). https://www.usenix.org/conference/usenixsecurity15/technical-sessions/presentation/carlini

  6. Evans, I., Long, F., Otgonbaatar, U., Shrobe, H., Rinard, M., Okhravi, H., Sidiroglou-Douskos, S.: Control Jujutsu: on the weaknesses of fine-grained control flow integrity. In: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, CCS 2015, pp. 901–913. ACM, New York (2015). doi:10.1145/2810103.2813646

  7. Conti, M., Crane, S., Davi, L., Franz, M., Larsen, P., Negro, M., Liebchen, C., Qunaibit, M., Sadeghi, A.-R.: Losing control: on the effectiveness of control-flow integrity under stack attacks. In: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, CCS 2015, pp. 952–963. ACM, New York (2015). doi:10.1145/2810103.2813671

  8. Otgonbaatar, U.: Evaluating Modern Defenses Against Control Flow Hijacking. MIT Lincoln Laboratory (2015). http://people.csail.mit.edu/hes/ROP/Publications/ulzi-thesis.pdf

  9. Lattner, C., Adve, V.: LLVM: a compilation framework for lifelong program analysis transformation. In: International Symposium on Code Generation and Optimization, CGO 2004, pp. 75–86 (2004). doi:10.1109/CGO.2004.1281665

  10. RTOS - Free Professionally Developed and Robust Real Time Operating System for Small Embedded Systems Development. http://www.freertos.org/RTOS.html. Accessed 29 Aug 2016

  11. STM32F4 Series - STMicroelectronics. http://www.st.com/content/st_com/en/products/microcontrollers/stm32-32-bit-arm-cortex-mcus/stm32f4-series.html?querycriteria=productId=SS1577. Accessed 29 Aug 2016

Download references

Author information

Authors and Affiliations

  1. Laboratoire CRIStAL, Université Lille 1, Villeneuve-d’Ascq, France

    Valentin Lefils, Gilles Grimaud & Julien Iguchi-Cartigny

Authors
  1. Valentin Lefils
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Gilles Grimaud
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Julien Iguchi-Cartigny
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Valentin Lefils .

Editor information

Editors and Affiliations

  1. Faculty of Information Engineering, Fukuoka Institute of Technology, Fukuoka, Japan

    Leonard Barolli

  2. Rissho University, Tokyo, Japan

    Tomoya Enokido

Rights and permissions

Reprints and permissions

Copyright information

© 2018 Springer International Publishing AG

About this paper

Cite this paper

Lefils, V., Grimaud, G., Iguchi-Cartigny, J. (2018). EE-CFI: Externalized Control Flow Integrity for Embedded Devices. In: Barolli, L., Enokido, T. (eds) Innovative Mobile and Internet Services in Ubiquitous Computing . IMIS 2017. Advances in Intelligent Systems and Computing, vol 612. Springer, Cham. https://doi.org/10.1007/978-3-319-61542-4_30

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-61542-4_30

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-61541-7

  • Online ISBN: 978-3-319-61542-4

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation