all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

TitanCFI: Toward Enforcing Control-Flow Integrity in the Root-of-Trust. (arXiv:2401.02567v1 [cs.CR])

Add to bookmarks
Jan. 8, 2024, 2:10 a.m. | Emanuele Parisi, Alberto Musa, Simone Manoni, Maicol Ciani, Davide Rossi, Francesco Barchi, Andrea Bartolini, Andrea Acquaviva

cs.CR updates on arXiv.org arxiv.org

Modern RISC-V platforms control and monitor security-critical systems such as
industrial controllers and autonomous vehicles. While these platforms feature a
Root-of-Trust (RoT) to store authentication secrets and enable secure boot
technologies, they often lack Control-Flow Integrity (CFI) enforcement and are
vulnerable to cyber-attacks which divert the control flow of an application to
trigger malicious behaviours. Recent techniques to enforce CFI in RISC-V
systems include ISA modifications or custom hardware IPs, all requiring ad-hoc
binary toolchains or design of CFI primitives …

attacks authentication autonomous autonomous vehicles boot control controllers critical critical systems cyber enable enforcement feature flow industrial integrity monitor platforms risc-v root secrets secure boot security store systems technologies trust vehicles vulnerable

Visit resource

More from arxiv.org / cs.CR updates on arXiv.org

PrivLM-Bench: A Multi-level Privacy Evaluation Benchmark for Language Models 2 days, 3 hours ago | arxiv.org
accessibility art arxiv attention +15
Provably Robust Cost-Sensitive Learning via Randomized Smoothing 2 days, 3 hours ago | arxiv.org
arxiv cost cs.cr cs.lg +1
WW-FL: Secure and Private Large-Scale Federated Learning 2 days, 3 hours ago | arxiv.org
arxiv attacks client cs.cr +28
Formalizing and Benchmarking Prompt Injection Attacks and Defenses 2 days, 3 hours ago | arxiv.org
arxiv attacks benchmarking cs.ai +9
SecureFalcon: Are We There Yet in Automated Software Vulnerability Detection with LLMs? 2 days, 3 hours ago | arxiv.org
adoption analysis applications arxiv +30
An Efficient and Multi-private Key Secure Aggregation for Federated Learning 2 days, 3 hours ago | arxiv.org
aggregation arxiv client cs.ai +21
How (not) to Build Quantum PKE in Minicrypt 2 days, 3 hours ago | arxiv.org
arxiv box build can +12
Computing Low-Entropy Couplings for Large-Support Distributions 2 days, 3 hours ago | arxiv.org
arxiv computing cs.cr cs.it +6
Unveiling and Mitigating Backdoor Vulnerabilities based on Unlearning Weight Changes and Backdoor Activeness 2 days, 3 hours ago | arxiv.org
arxiv attacks backdoor backdoor attacks +14

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US
View on infosec-jobs.com

Corporate Intern - Information Security (Year Round)

@ Associated Bank | US WI Remote
View on infosec-jobs.com

Senior Offensive Security Engineer

@ CoStar Group | US-DC Washington, DC
View on infosec-jobs.com