Affiliation:
1. College of Electronic and Information Engineering, Shandong University of Science and Technology, Qingdao 266590, China
Abstract
Control flow critical metadata play a key role in hardware-based control flow integrity (CFI) mechanisms that effectively monitor and secure program control flow based on pre-extracted metadata. The existing control flow analysis tools exhibit some deficiencies, including inadequate compatibility with the RISC-V architecture, a steep learning curve, limited automation capabilities, and restricted data output formats. CFIEE is an open-source tool with a graphical interface for the automated extraction of control flow critical metadata. The tool possesses the capability to analyze RISC-V binary executables, transforming the binary into an intermediate representation (IR) in the form of the disassembled code, and extracting the critical metadata required for studying hardware-based CFI mechanism through a designed control flow transfer relationship analysis algorithm. The extracted metadata include program basic blocks and their corresponding hash values, control flow graphs, function call relationships, distribution of forward transfer instructions, etc. We selected 15 embedded system programs with processor adaptation for functional verification. The results demonstrate the CFIEE’s capability to automatically analyze programs within the supported RISC-V instruction set and generate comprehensive and precise metadata files. This tool can significantly enhance the efficiency of control flow metadata extraction and furnish configurable metadata for the hardware-based security mechanisms.
Funder
National Natural Science Foundation of China
Science and Technology Support Plan for Youth Innovation of Colleges and Universities in Shandong Province of China
Shandong Provincial Natural Science Foundation
Reference32 articles.
1. Buffer overflow and format string overflow vulnerabilities;Lhee;Softw. Pract. Exper.,2003
2. Return-oriented programming: Systems, languages, and applications;Roemer;ACM Trans. Inf. Syst. Secur. (TISSEC),2012
3. Control-flow integrity principles, implementations, and applications;Abadi;ACM Trans. Inf. Syst. Secur. (TISSEC),2009
4. Survey of Control-flow Integrity Techniques for Real-time Embedded Systems;Mishra;ACM Trans. Inf. Syst. Secur. (TISSEC),2022
5. Dariz, L., Ruggeri, M., and Selvatici, M. (2015, January 27–28). A static microcode analysis tool for programmable load drivers. Proceedings of the 2015 IEEE 15th International Working Conference on Source Code Analysis and Manipulation (SCAM), Bremen, Germany.