System and Method for Validating Program Execution at Run-Time Using Control Flow Signatures

Description:

 A simple hardware mechanism that continuously validates the execution of a program, providing fast validation as the program executes.

 

 Background: 

 A central requirement for implementing trusted computing platforms is to validate whether a program executing on a potentially untrusted host is really the program the user thinks it is. If the host platform and its software environment are potentially compromised, the application may be compromised through static replacement of the binaries, through dynamically linking the application to untrusted library functions, or through dynamic code substitution at run time. The present technology provides a relatively simple hardware mechanism to validate the execution of a program continuously, as it executes. This mechanism validates not only the execution of the application, but also the execution of library functions and the kernel.

 

 Technology Overview:  

The present technology lends itself to modern pipelined designs and exploits modern processor architectures: the initial stages of program execution may proceed speculatively, with a subsequent exception or flush contingent on the verification status. In differing variations, the control flow signatures are either computed for the instructions within each individual basic block and verified against an expected signature of that basic block, or computed and accumulated into a single variable as control flows through each basic block in the course of executing a program.
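A software model of the two variations described above, added here as an illustration; it is not taken from the patent or from the inventors' hardware design. The signature function (truncated SHA-256), the block layout, the opcode bytes and all names are assumptions of this sketch.

```python
import hashlib

def block_signature(instructions):
    """Signature over one basic block's instruction bytes (truncated SHA-256, an assumption)."""
    h = hashlib.sha256()
    for insn in instructions:
        h.update(len(insn).to_bytes(1, "big") + insn)  # length prefix keeps boundaries unambiguous
    return h.digest()[:8]

def build_reference(program):
    """Trusted, offline step: expected signature for every basic block."""
    return {addr: block_signature(insns) for addr, insns in program.items()}

def validate_per_block(program, reference, trace):
    """Variation 1: check each executed block against its expected signature.
    Returns the entry address of the first failing block, or None if all pass."""
    for addr in trace:
        if addr not in reference or block_signature(program[addr]) != reference[addr]:
            return addr  # point at which hardware would raise an exception or flush
    return None

def accumulate(program, trace):
    """Variation 2: fold block signatures into a single value along the executed path."""
    acc = bytes(8)
    for addr in trace:
        acc = hashlib.sha256(acc + block_signature(program[addr])).digest()[:8]
    return acc

# Constructed sample: three basic blocks keyed by entry address, made-up opcode bytes.
PROGRAM = {
    0x1000: [b"\x55", b"\x48\x89\xe5", b"\x74\x05"],
    0x1010: [b"\xb8\x01\x00\x00\x00", b"\xeb\x05"],
    0x1020: [b"\x31\xc0", b"\x5d", b"\xc3"],
}
TRACE = [0x1000, 0x1010, 0x1020]
REFERENCE = build_reference(PROGRAM)
EXPECTED_ACC = accumulate(PROGRAM, TRACE)

def tampered_copy():
    """Same program with one instruction in block 0x1010 substituted at run time."""
    bad = {addr: list(insns) for addr, insns in PROGRAM.items()}
    bad[0x1010][0] = b"\xb8\x00\x00\x00\x00"
    return bad

if __name__ == "__main__":
    print("clean run, per block:", validate_per_block(PROGRAM, REFERENCE, TRACE))
    print("tampered, per block :", hex(validate_per_block(tampered_copy(), REFERENCE, TRACE)))
    print("tampered, accumulated matches:", accumulate(tampered_copy(), TRACE) == EXPECTED_ACC)
```

The per-block variation pinpoints the modified block, while the accumulated variation only shows that the executed path as a whole differs from the expected one.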

 


 Advantages:  

  • Enables tampering with a program to be detected as the program executes.
  • Fast validation of programs as they execute with very little performance overhead.
  • Mechanism fits easily into existing designs.

 

 

 

 Applications:  

 

  • Detection of malicious attempts to modify code.
  • Ensures that only certified code can run, and detects run-time tampering with such code.
  • Permits trustworthy code to be distributed and used.
  • Detects instruction corruption due to faults – permanent or transient.

 

 

 Intellectual Property Summary: 

 

 

 

 

Patent Information:
For Information, Contact:
Scott Hancock
Senior Director, Technology Transfer
Binghamton University
(607) 777-5874
shancock@binghamton.edu
Inventors:
Kanad Ghose