{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,10]],"date-time":"2026-03-10T14:57:37Z","timestamp":1773154657621,"version":"3.50.1"},"publisher-location":"Cham","reference-count":48,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783319663319","type":"print"},{"value":"9783319663326","type":"electronic"}],"license":[{"start":{"date-parts":[[2017,1,1]],"date-time":"2017-01-01T00:00:00Z","timestamp":1483228800000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2017]]},"DOI":"10.1007\/978-3-319-66332-6_12","type":"book-chapter","created":{"date-parts":[[2017,10,11]],"date-time":"2017-10-11T07:58:05Z","timestamp":1507708685000},"page":"259-284","source":"Crossref","is-referenced-by-count":42,"title":["CFI CaRE: Hardware-Supported Call and\u00a0Return Enforcement for Commercial Microcontrollers"],"prefix":"10.1007","author":[{"given":"Thomas","family":"Nyman","sequence":"first","affiliation":[]},{"given":"Jan-Erik","family":"Ekberg","sequence":"additional","affiliation":[]},{"given":"Lucas","family":"Davi","sequence":"additional","affiliation":[]},{"given":"N.","family":"Asokan","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2017,10,12]]},"reference":[{"key":"12_CR1","unstructured":"ARM compiler version 6.4 software development guide. http:\/\/infocenter.arm.com\/help\/topic\/com.arm.doc.dui0773e (2015)"},{"issue":"1","key":"12_CR2","doi-asserted-by":"crossref","first-page":"4:1","DOI":"10.1145\/1609956.1609960","volume":"13","author":"M Abadi","year":"2009","unstructured":"Abadi, M., Budiu, M., Erlingsson, U., Ligatti, J.: Control-flow integrity principles, implementations, and applications. ACM Trans. Inf. Syst. Secur. 13(1), 4:1\u20134:40 (2009). http:\/\/doi.acm.org\/10.1145\/1609956.1609960","journal-title":"ACM Trans. Inf. Syst. Secur."},{"key":"12_CR3","unstructured":"ARM Ltd.: Procedure Call Standard for the ARM Architecture (2009). http:\/\/infocenter.arm.com\/help\/topic\/com.arm.doc.ihi0042d"},{"key":"12_CR4","unstructured":"ARM Ltd.: ARMv8-M Architecture Reference Manual.(2016). http:\/\/infocenter.arm.com\/help\/topic\/com.arm.doc.ddi0553a.b"},{"key":"12_CR5","unstructured":"Brown, N.: Control-flow Integrity for Real-time Embedded Systems. Master\u2019s thesis, Worcester Polytechnic Institute, Worcester, MA, USA (2017)"},{"key":"12_CR6","doi-asserted-by":"crossref","unstructured":"Buchanan, E., Roemer, R., Shacham, H., Savage, S.: When good instructions go bad: generalizing return-oriented programming to risc. In: Proceedings of the 15th ACM Conference on Computer and Communications Security. CCS 2008, pp. 27\u201338. ACM, New York (2008). http:\/\/doi.acm.org\/10.1145\/1455770.1455776","DOI":"10.1145\/1455770.1455776"},{"key":"12_CR7","unstructured":"Carlini, N., Barresi, A., Payer, M., Wagner, D., Gross, T.R.: Control-flow bending: on the effectiveness of control-flow integrity. In: Proceedings of the 24th USENIX Conference on Security Symposium. SEC 2015, pp. 161\u2013176. USENIX Association, Berkeley (2015). http:\/\/dl.acm.org\/citation.cfm?id=2831143.2831154"},{"key":"12_CR8","doi-asserted-by":"crossref","unstructured":"Checkoway, S., Davi, L., Dmitrienko, A., Sadeghi, A.R., Shacham, H., Winandy, M.: Return-oriented programming without returns. In: Proceedings of the 17th ACM Conference on Computer and Communications Security. CCS 2010, pp. 559\u2013572. ACM, New York (2010). http:\/\/doi.acm.org\/10.1145\/1866307.1866370","DOI":"10.1145\/1866307.1866370"},{"key":"12_CR9","unstructured":"Checkoway, S., Feldman, A.J., Kantor, B., Halderman, J.A., Felten, E.W., Shacham, H.: Can dres provide long-lasting security? the case of return-oriented programming and the AVC advantage. In: Proceedings of the 2009 Conference on Electronic Voting Technology\/Workshop on Trustworthy Elections. EVT\/WOTE 2009, p. 6. USENIX Association, Berkeley (2009). http:\/\/dl.acm.org\/citation.cfm?id=1855491.1855497"},{"key":"12_CR10","doi-asserted-by":"crossref","unstructured":"Chiueh, T.C., Hsu, F.H.: Rad: a compile-time solution to buffer overflow attacks. In: 21st International Conference on Distributed Computing Systems, pp. 409\u2013417, April 2001","DOI":"10.1109\/ICDSC.2001.918971"},{"key":"12_CR11","doi-asserted-by":"crossref","unstructured":"de Clercq, R., Keulenaer, R.D., Coppens, B., Yang, B., Maene, P., d. Bosschere, K., Preneel, B., De Sutter, B., Verbauwhede, I.: Sofia: software and control flow integrity architecture. In: 2016 Design, Automation Test in Europe Conference Exhibition (DATE), pp. 1172\u20131177, March 2016","DOI":"10.3850\/9783981537079_1001"},{"key":"12_CR12","doi-asserted-by":"crossref","unstructured":"de Clercq, R., Piessens, F., Schellekens, D., Verbauwhede, I.: Secure interrupts on low-end microcontrollers. In: 2014 IEEE 25th International Conference on Application-Specific Systems, Architectures and Processors, pp. 147\u2013152, June 2014","DOI":"10.1109\/ASAP.2014.6868649"},{"issue":"6","key":"12_CR13","doi-asserted-by":"crossref","first-page":"565","DOI":"10.1016\/0167-4048(93)90054-9","volume":"12","author":"FB Cohen","year":"1993","unstructured":"Cohen, F.B.: Operating system protection through program evolution. Comput. Secur. 12(6), 565\u2013584 (1993). http:\/\/dx.doi.org\/10.1016\/0167-4048(93)90054\u20139","journal-title":"Comput. Secur."},{"key":"12_CR14","doi-asserted-by":"crossref","unstructured":"Dang, T.H., Maniatis, P., Wagner, D.: The performance cost of shadow stacks and stack canaries. In: Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security. ASIA CCS 2015, pp. 555\u2013566. ACM, New York (2015). http:\/\/doi.acm.org\/10.1145\/2714576.2714635","DOI":"10.1145\/2714576.2714635"},{"key":"12_CR15","unstructured":"Davi, L., Dmitrienko, A., Egele, M., Fischer, T., Holz, T., Hund, R., N\u00fcrnberger, S., Sadeghi, A.R.: MoCFI: a framework to mitigate control-flow attacks on smartphones. In: 19th Annual Network and Distributed System Security Symposium. NDSS 2012, February 5\u20138, San Diego, USA (2012). http:\/\/www.internetsociety.org\/mocfi-framework-mitigate-control-flow-attacks-smartphones"},{"key":"12_CR16","unstructured":"Davi, L., Hanreich, M., Paul, D., Sadeghi, A.R., Koeberl, P., Sullivan, D., Arias, O., Jin, Y.: Hafix: hardware-assisted flow integrity extension. In: Proceedings of the 52Nd Annual Design Automation Conference. DAC 2015, pp. 74:1\u201374:6. ACM, New York (2015). http:\/\/doi.acm.org\/10.1145\/2744769.2744847"},{"key":"12_CR17","doi-asserted-by":"crossref","unstructured":"Davi, L., Sadeghi, A.R., Winandy, M.: Ropdefender: a detection tool to defend against return-oriented programming attacks. In: Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security. ASIACCS 2011, pp. 40\u201351. ACM, New York (2011). http:\/\/doi.acm.org\/10.1145\/1966913.1966920","DOI":"10.1145\/1966913.1966920"},{"key":"12_CR18","unstructured":"Eldefrawy, K., Francillon, A., Perito, D., Tsudik, G.: SMART: secure and minimal architecture for (Establishing a Dynamic) root of trust. In: 19th Annual Network and Distributed System Security Symposium. NDSS 2012, February 5\u20138, San Diego, USA, February 2012. http:\/\/www.eurecom.fr\/publication\/3536"},{"key":"12_CR19","unstructured":"Ericssson: Ericsson Mobility Report (2015). http:\/\/www.ericsson.com\/res\/docs\/2015\/mobility-report\/ericsson-mobility-report-nov-2015.pdf"},{"key":"12_CR20","unstructured":"Erlingsson, U., Abadi, M., Vrable, M., Budiu, M., Necula, G.C.: Xfi: software guards for system address spaces. In: Proceedings of the 7th Symposium on Operating Systems Design and Implementation. OSDI 2006, pp. 75\u201388. USENIX Association, Berkeley (2006). http:\/\/dl.acm.org\/citation.cfm?id=1298455.1298463"},{"key":"12_CR21","doi-asserted-by":"crossref","unstructured":"Francillon, A., Castelluccia, C.: Code injection attacks on harvard-architecture devices. In: Proceedings of the 15th ACM Conference on Computer and Communications Security. CCS 2008, pp. 15\u201326. ACM, New York (2008). http:\/\/doi.acm.org\/10.1145\/1455770.1455775","DOI":"10.1145\/1455770.1455775"},{"key":"12_CR22","doi-asserted-by":"crossref","unstructured":"Francillon, A., Perito, D., Castelluccia, C.: Defending embedded systems against control flow attacks. In: Proceedings of the First ACM Workshop on Secure Execution of Untrusted Code. SecuCode 2009, pp. 19\u201326. ACM, New York (2009). http:\/\/doi.acm.org\/10.1145\/1655077.1655083","DOI":"10.1145\/1655077.1655083"},{"key":"12_CR23","unstructured":"Gartner: Gartner Says Managing Identities and Access Will Be Critical to the Success of the Internet of Things (2015). http:\/\/www.gartner.com\/newsroom\/id\/2985717"},{"key":"12_CR24","unstructured":"Giffin, J.T., Jha, S., Miller, B.P.: Detecting manipulated remote call streams. In: Proceedings of the 11th USENIX Security Symposium, pp. 61\u201379. USENIX Association, Berkeley (2002). http:\/\/dl.acm.org\/citation.cfm?id=647253.720282"},{"key":"12_CR25","unstructured":"Giffin, J.T., Jha, S., Miller, B.P.: Efficient context-sensitive intrusion detection. In: Proceedings of the Network and Distributed System Security Symposium. NDSS 2004 (2004)"},{"key":"12_CR26","unstructured":"Eclipse IoT Working Group, IEEE IoT, AGILE IoT and IoT Council: IoT Developer Survey 2017 (2017). https:\/\/ianskerrett.wordpress.com\/2017\/04\/19\/iot-developer-trends-2017-edition\/"},{"key":"12_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-25645-0_8","volume-title":"Network and System Security","author":"J Habibi","year":"2015","unstructured":"Habibi, J., Panicker, A., Gupta, A., Bertino, E.: DisARM: mitigating buffer overflow attacks on embedded devices. In: Qiu, M., Xu, S., Yung, M., Zhang, H. (eds.) NSS 2015. LNCS, vol. 9408. Springer, Cham (2015). doi: 10.1007\/978-3-319-25645-0_8"},{"key":"12_CR28","unstructured":"Hewlett-Packard: Data Execution Prevention (2006). http:\/\/h10032.www1.hp.com\/ctg\/Manual\/c00387685.pdf"},{"key":"12_CR29","unstructured":"Hu, H., Shinde, S., Adrian, S., Chua, Z.L., Saxena, P., Liang, Z.: Data-oriented programming: on the expressiveness of non-control data attacks. In: IEEE Symposium on Security and Privacy, SP 2016, San Jose, CA, USA, May 22\u201326, 2016, pp. 969\u2013986 (2016). http:\/\/doi.ieeecomputersociety.org\/10.1109\/SP.2016.62"},{"key":"12_CR30","unstructured":"Intel: Control-flow Enforcement Technology Preview (2016). https:\/\/software.intel.com\/sites\/default\/files\/managed\/4d\/2a\/control-flow-enforcement-technology-preview.pdf"},{"key":"12_CR31","unstructured":"Koeberl, P., Schulz, S., Sadeghi, A.R., Varadharajan, V.: TrustLite: a security architecture for tiny embedded devices. In: Proceedings of the Ninth European Conference on Computer Systems. EuroSys 2014, pp. 10:1\u201310:14. ACM, New York (2014). http:\/\/doi.acm.org\/10.1145\/2592798.2592824"},{"key":"12_CR32","unstructured":"Kornau, T.: Return Oriented Programming for the ARM Architecture. Master\u2019s thesis, Ruhr-University Bochum (2009). http:\/\/static.googleusercontent.com\/media\/www.zynamics.com\/en\/\/downloads\/kornau-tim-diplomarbeit-rop.pdf"},{"key":"12_CR33","doi-asserted-by":"crossref","unstructured":"Kumar, R., Singhania, A., Castner, A., Kohler, E., Srivastava, M.: A system for coarse grained memory protection in tiny embedded processors. In: Proceedings of the 44th Annual Design Automation Conference. DAC 2007, pp. 218\u2013223. ACM, New York (2007). http:\/\/doi.acm.org\/10.1145\/1278480.1278534","DOI":"10.1145\/1278480.1278534"},{"key":"12_CR34","doi-asserted-by":"crossref","unstructured":"Larsen, P., Homescu, A., Brunthaler, S., Franz, M.: Sok: automated software diversity. In: Proceedings of the 2014 IEEE Symposium on Security and Privacy, SP 2014, pp. 276\u2013291. IEEE Computer Society, Washington, DC (2014). http:\/\/dx.doi.org\/10.1109\/SP.2014.25","DOI":"10.1109\/SP.2014.25"},{"key":"12_CR35","unstructured":"Le, L.: ARM Exploitation ROPMap. BlackHat USA (2011)"},{"key":"12_CR36","doi-asserted-by":"crossref","unstructured":"Lian, W., Shacham, H., Savage, S.: Too LeJIT to quit: extending JIT spraying to ARM. In: Kirda, E. (ed.) Proceedings of NDSS 2015. Internet Society, February 2015","DOI":"10.14722\/ndss.2015.23288"},{"key":"12_CR37","unstructured":"Microsoft: Enhanced Mitigation Experience Toolkit (2016). https:\/\/www.microsoft.com\/emet"},{"issue":"1","key":"12_CR38","doi-asserted-by":"crossref","first-page":"78","DOI":"10.1109\/TDSC.2006.14","volume":"3","author":"D Nebenzahl","year":"2006","unstructured":"Nebenzahl, D., Sagiv, M., Wool, A.: Install-time vaccination of windows executables to defend against stack smashing attacks. IEEE Trans. Dependable Secur. Comput. 3(1), 78\u201390 (2006). http:\/\/dx.doi.org\/10.1109\/TDSC.2006.14","journal-title":"IEEE Trans. Dependable Secur. Comput."},{"key":"12_CR39","doi-asserted-by":"crossref","unstructured":"Niu, B., Tan, G.: Per-input control-flow integrity. In: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security. CCS 2015, pp. 914\u2013926. ACM, New York (2015). http:\/\/doi.acm.org\/10.1145\/2810103.2813644","DOI":"10.1145\/2810103.2813644"},{"key":"12_CR40","unstructured":"Noorman, J., Agten, P., Daniels, W., Strackx, R., Van Herrewege, A., Huygens, C., Preneel, B., Verbauwhede, I., Piessens, F.: Sancus: low-cost trustworthy extensible networked devices with a zero-software trusted computing base. In: Proceedings of the 22nd USENIX Conference on Security. SEC 2013, pp. 479\u2013494. USENIX Association, Berkeley (2013). http:\/\/dl.acm.org\/citation.cfm?id=2534766.2534808"},{"key":"12_CR41","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"58","DOI":"10.1007\/978-3-319-40667-1_4","volume-title":"Detection of Intrusions and Malware, and Vulnerability Assessment","author":"S Pastrana","year":"2016","unstructured":"Pastrana, S., Tapiador, J., Suarez-Tangil, G., Peris-L\u00f3pez, P.: AVRAND: a software-based defense against code reuse attacks for AVR embedded devices. In: Caballero, J., Zurutuza, U., Rodr\u00edguez, R.J. (eds.) DIMVA 2016. LNCS, vol. 9721, pp. 58\u201377. Springer, Cham (2016). doi: 10.1007\/978-3-319-40667-1_4"},{"key":"12_CR42","unstructured":"Prasad, M., Chiueh, T.: A binary rewriting defense against stack based overflow attacks. In: Proceedings of the USENIX Annual Technical Conference, pp. 211\u2013224 (2003)"},{"key":"12_CR43","unstructured":"Qualcomm Technologies Inc: Pointer Authentication on ARMv8.3. (2017). https:\/\/www.qualcomm.com\/media\/documents\/files\/whitepaper-pointer-authentication-on-armv8-3.pdf"},{"key":"12_CR44","doi-asserted-by":"crossref","unstructured":"Shacham, H.: The geometry of innocent flesh on the bone: return-into-libc without function calls (on the x86). In: Proceedings of the 14th ACM Conference on Computer and Communications Security. CCS 2007, pp. 552\u2013561. ACM, New York (2007). http:\/\/doi.acm.org\/10.1145\/1315245.1315313","DOI":"10.1145\/1315245.1315313"},{"key":"12_CR45","unstructured":"Designer, S.: lpr LIBC RETURN exploit (1997). http:\/\/insecure.org\/sploits\/linux.libc.return.lpr.sploit.html"},{"key":"12_CR46","doi-asserted-by":"crossref","unstructured":"Szekeres, L., Payer, M., Wei, T., Song, D.: Sok: eternal war in memory. In: Proceedings of the 2013 IEEE Symposium on Security and Privacy. SP 2013, pp. 48\u201362. IEEE Computer Society, Washington, DC (2013). http:\/\/dx.doi.org\/10.1109\/SP.2013.13","DOI":"10.1109\/SP.2013.13"},{"issue":"10","key":"12_CR47","doi-asserted-by":"crossref","first-page":"1013","DOI":"10.1145\/358274.358283","volume":"27","author":"RP Weicker","year":"1984","unstructured":"Weicker, R.P.: Dhrystone: a synthetic systems programming benchmark. Commun. ACM 27(10), 1013\u20131030 (1984). http:\/\/doi.acm.org\/10.1145\/358274.358283","journal-title":"Commun. ACM"},{"key":"12_CR48","unstructured":"Yiu, J.: ARMv8-M architecture technical overview (2015). https:\/\/community.arm.com\/docs\/DOC-10896"}],"container-title":["Lecture Notes in Computer Science","Research in Attacks, Intrusions, and Defenses"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-66332-6_12","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,10,4]],"date-time":"2019-10-04T09:18:30Z","timestamp":1570180710000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-66332-6_12"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017]]},"ISBN":["9783319663319","9783319663326"],"references-count":48,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-66332-6_12","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2017]]}}}