all InfoSec news
TitanCFI: Toward Enforcing Control-Flow Integrity in the Root-of-Trust. (arXiv:2401.02567v1 [cs.CR])
cs.CR updates on arXiv.org arxiv.org
Modern RISC-V platforms control and monitor security-critical systems such as
industrial controllers and autonomous vehicles. While these platforms feature a
Root-of-Trust (RoT) to store authentication secrets and enable secure boot
technologies, they often lack Control-Flow Integrity (CFI) enforcement and are
vulnerable to cyber-attacks which divert the control flow of an application to
trigger malicious behaviours. Recent techniques to enforce CFI in RISC-V
systems include ISA modifications or custom hardware IPs, all requiring ad-hoc
binary toolchains or design of CFI primitives …
attacks authentication autonomous autonomous vehicles boot control controllers critical critical systems cyber enable enforcement feature flow industrial integrity monitor platforms risc-v root secrets secure boot security store systems technologies trust vehicles vulnerable