{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,26]],"date-time":"2025-03-26T06:46:46Z","timestamp":1742971606038,"version":"3.40.3"},"publisher-location":"Cham","reference-count":46,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319944951"},{"type":"electronic","value":"9783319944968"}],"license":[{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2018]]},"DOI":"10.1007\/978-3-319-94496-8_2","type":"book-chapter","created":{"date-parts":[[2018,6,19]],"date-time":"2018-06-19T01:30:19Z","timestamp":1529371819000},"page":"9-26","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":6,"title":["Enforcing Full-Stack Memory-Safety in Cyber-Physical Systems"],"prefix":"10.1007","author":[{"given":"Eyasu Getahun","family":"Chekole","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Sudipta","family":"Chattopadhyay","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Mart\u00edn","family":"Ochoa","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Guo","family":"Huaqun","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2018,6,20]]},"reference":[{"key":"2_CR1","doi-asserted-by":"crossref","unstructured":"Sha, L., Gopalakrishnan, S., Liu, X., Wang, Q.: Cyber-physical systems: a new frontier. In: SUTC 2008 (2008)","DOI":"10.1109\/SUTC.2008.85"},{"key":"2_CR2","unstructured":"Lee, E.A., Seshia, S.A.: Introduction to Embedded Systems - A Cyber-Physical Systems Approach, 2nd edn, version 2.0 edn. LeeSeshia.org (2015)"},{"key":"2_CR3","doi-asserted-by":"crossref","unstructured":"Lee, E.A.: Cyber physical systems: design challenges. In: ISORC 2008 (2008)","DOI":"10.1109\/ISORC.2008.25"},{"key":"2_CR4","unstructured":"MITRE: Common Vulnerabilities and Exposures. \nhttps:\/\/cve.mitre.org\/"},{"key":"2_CR5","unstructured":"CVE-5814. \nhttps:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2016-5814"},{"key":"2_CR6","unstructured":"CVE-6438. \nhttps:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2012-6438"},{"key":"2_CR7","unstructured":"CVE-6436. \nhttps:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2012-6436"},{"key":"2_CR8","unstructured":"CVE-0674. \nhttps:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2013-0674"},{"key":"2_CR9","unstructured":"CVE-1449. \nhttps:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2015-1449"},{"key":"2_CR10","unstructured":"CVE-0929. \nhttps:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2012-0929"},{"key":"2_CR11","unstructured":"CVE-7937. \nhttps:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2015-7937"},{"key":"2_CR12","unstructured":"CVE-5007. \nhttps:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2011-5007"},{"key":"2_CR13","unstructured":"NVD: NVD Statistics on The Linux Kernel Vulnerabilities (2018). \nhttps:\/\/nvd.nist.gov\/vuln\/search\/results?adv_search=false&form_type=basic&results_type=overview&search_type=all&query=linux+kernel"},{"key":"2_CR14","doi-asserted-by":"crossref","unstructured":"Berger, E.D., Zorn, B.G.: DieHard: probabilistic memory safety for unsafe languages. In: PLDI 2006 (2006)","DOI":"10.1145\/1133981.1134000"},{"key":"2_CR15","doi-asserted-by":"crossref","unstructured":"Novark, G., Berger, E.D.: DieHarder: securing the heap. In: CCS 2010 (2010)","DOI":"10.1145\/1866307.1866371"},{"issue":"11","key":"2_CR16","doi-asserted-by":"publisher","first-page":"207","DOI":"10.1145\/1168918.1168884","volume":"41","author":"Mazen Kharbutli","year":"2006","unstructured":"Kharbutli, M., Jiang, X., Solihin, Y., Venkataramani, G., Prvulovic, M.: Comprehensively and efficiently protecting the heap. In: ASPLOS 2006 (2006)","journal-title":"ACM SIGPLAN Notices"},{"key":"2_CR17","doi-asserted-by":"crossref","unstructured":"Abadi, M., Budiu, M., Erlingsson, U., Ligatti, J.: Control-flow integrity. In: CCS 2005, pp. 340\u2013353 (2005)","DOI":"10.1145\/1102120.1102165"},{"key":"2_CR18","unstructured":"Zhang, M., Sekar, R.: Control flow integrity for cots binaries. In: USENIX 2013"},{"key":"2_CR19","unstructured":"Tice, C., Roeder, T., Collingbourne, P., Checkoway, S., Erlingsson, \u00da., Lozano, L., Pike, G.: Enforcing forward-edge control-flow integrity in GCC & LLVM. In: USENIX 2014, pp. 941\u2013955 (2014)"},{"key":"2_CR20","unstructured":"Serebryany, K., Bruening, D., Potapenko, A., Vyukov, D.: AddressSanitizer: a fast address sanity checker. In: USENIX ATC 2012 (2012)"},{"key":"2_CR21","doi-asserted-by":"crossref","unstructured":"Nagarakatte, S., Zhao, J., Martin, M.M., Zdancewic, S.: SoftBound: highly compatible and complete spatial memory safety for C. In: PLDI 2009 (2009)","DOI":"10.1145\/1542476.1542504"},{"key":"2_CR22","doi-asserted-by":"crossref","unstructured":"Nagarakate, S., Zhao, J., Martin, M.M., Zdancewic, S.: CETS: compiler enforced temporal safety for C. In: ISMM 2010 (2010)","DOI":"10.1145\/1806651.1806657"},{"issue":"1","key":"2_CR23","first-page":"93","volume":"43","author":"MS Simpson","year":"2013","unstructured":"Simpson, M.S., Barua, R.K.: MemSafe: ensuring the spatial and temporal memory safety of C at runtime. Softw.: Pract. Exp. 43(1), 93\u2013128 (2013)","journal-title":"Softw.: Pract. Exp."},{"key":"2_CR24","doi-asserted-by":"crossref","unstructured":"Bruening, D., Zhao, Q.: Practical memory checking with Dr. Memory. In: CGO 2011 (2011)","DOI":"10.1109\/CGO.2011.5764689"},{"issue":"3","key":"2_CR25","doi-asserted-by":"publisher","first-page":"477","DOI":"10.1145\/1065887.1065892","volume":"27","author":"GC Necula","year":"2005","unstructured":"Necula, G.C., Condit, J., Harren, M., McPeak, S., Weimer, W.: CCured: type-safe retrofitting of legacy software. ACM Trans. Progr. Lang. Syst. 27(3), 477\u2013526 (2005)","journal-title":"ACM Trans. Progr. Lang. Syst."},{"key":"2_CR26","unstructured":"Eigler, F.C.: Mudflap: Pointer Use Checking for C\/C++. In: GCC Developer\u2019s Summit. Red Hat Inc (2003)"},{"key":"2_CR27","unstructured":"KASAN: The Kernel Address Sanitizer (2018). \nhttps:\/\/www.kernel.org\/doc\/html\/v4.12\/dev-tools\/kasan.html"},{"key":"2_CR28","unstructured":"iTrust: Secure Water Treatment (SWaT) Testbed. \nhttps:\/\/itrust.sutd.edu.sg\/research\/testbeds\/secure-water-treatment-swat\/"},{"key":"2_CR29","doi-asserted-by":"crossref","unstructured":"Ahmed, C.M., Adepu, S., Mathur, A.: Limitations of state estimation based cyber attack detection schemes in industrial control systems. In: SCSP-W 2016 (2016)","DOI":"10.1109\/SCSPW.2016.7509557"},{"key":"2_CR30","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"127","DOI":"10.1007\/978-3-319-72817-9_9","volume-title":"Computer Security","author":"EG Chekole","year":"2017","unstructured":"Chekole, E.G., Castellanos, J.H., Ochoa, M., Yau, D.K.Y.: Enforcing memory safety in cyber-physical systems. In: Katsikas, S., et al. (eds.) SECPRE 2017, CyberICPS 2017. LNCS, vol. 10683, pp. 127\u2013144. Springer, Cham (2017). \nhttps:\/\/doi.org\/10.1007\/978-3-319-72817-9_9"},{"key":"2_CR31","unstructured":"AddressSanitizer Github Repository. \nhttps:\/\/github.com\/google\/sanitizers\/wiki\/AddressSanitizerComparisonOfMemoryTools"},{"key":"2_CR32","unstructured":"KASAN Wiki: The Kernel Address Sanitizer Wiki (2018). \nhttps:\/\/github.com\/google\/kasan\/wiki"},{"key":"2_CR33","unstructured":"KASAN Bug Report: List of Kernel Bugs Detected by KASan (2018). \nhttps:\/\/github.com\/google\/kasan\/wiki\/Found-Bugs"},{"key":"2_CR34","unstructured":"TOFINO SECURITY. \nhttps:\/\/www.tofinosecurity.com\/blog\/plc-security-risk-controller-operating-systems\/"},{"key":"2_CR35","unstructured":"LinPAC. \nhttp:\/\/www.icpdas.com\/root\/product\/solutions\/pac\/linpac\/linpac-8000_introduction.html\/"},{"key":"2_CR36","unstructured":"OpenPLC. \nhttp:\/\/www.openplcproject.com\/"},{"key":"2_CR37","unstructured":"WAGO: Linux Programmable Fieldbus Controller"},{"key":"2_CR38","unstructured":"CERT.ORG: Vulnerability Notes Database"},{"key":"2_CR39","unstructured":"ScadaBR. \nhttp:\/\/www.scadabr.com.br\/"},{"key":"2_CR40","doi-asserted-by":"crossref","unstructured":"Cooprider, N., Archer, W., Eide, E., Gay, D., Regehr, J.: Efficient memory safety for TinyOS. In: SenSys 2007, pp. 205\u2013218 (2007)","DOI":"10.1145\/1322263.1322283"},{"key":"2_CR41","unstructured":"The Deputy Project (2007). \nhttp:\/\/deputy.cs.berkeley.edu"},{"issue":"5","key":"2_CR42","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/780822.781133","volume":"38","author":"David Gay","year":"2003","unstructured":"Gay, D., Levis, P., von Behren, R., Welsh, M., Brewer, E., Culler, D.: The nesC language: a holistic approach to networked embedded systems. In: PLDI 2003 (2003)","journal-title":"ACM SIGPLAN Notices"},{"issue":"2","key":"2_CR43","doi-asserted-by":"publisher","first-page":"62","DOI":"10.1109\/MNET.2016.7437026","volume":"30","author":"H Zhang","year":"2016","unstructured":"Zhang, H., Shu, Y., Cheng, P., Chen, J.: Privacy and performance trade-off in cyber-physical systems. IEEE Netw. 30(2), 62\u201366 (2016)","journal-title":"IEEE Netw."},{"issue":"3","key":"2_CR44","doi-asserted-by":"publisher","first-page":"498","DOI":"10.1002\/etep.1862","volume":"25","author":"A Stefanov","year":"2015","unstructured":"Stefanov, A., Liu, C.C., Govindarasu, M., Wu, S.S.: SCADA modeling for performance and vulnerability assessment of integrated cyber-physical systems. Intern. Trans. Electr. Energy Syst. 25(3), 498\u2013519 (2015)","journal-title":"Intern. Trans. Electr. Energy Syst."},{"key":"2_CR45","doi-asserted-by":"crossref","unstructured":"Vuong, T.P., Loukas, G., Gan, D.: Performance evaluation of cyber-physical intrusion detection on a robotic vehicle. In: IEEE International Conference On Computer and Information Technology; Ubiquitous Computing and Communications; Dependable, Autonomic and Secure Computing; Pervasive Intelligence and Computing (2015)","DOI":"10.1109\/CIT\/IUCC\/DASC\/PICOM.2015.313"},{"key":"2_CR46","doi-asserted-by":"crossref","unstructured":"Hu, H., Shinde, S., Adrian, S., Chua, Z.L., Saxena, P., Liang, Z.: Data-oriented programming: on the expressiveness of non-control data attacks. In: SP 2016 (2016)","DOI":"10.1109\/SP.2016.62"}],"container-title":["Lecture Notes in Computer Science","Engineering Secure Software and Systems"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-94496-8_2","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,2,7]],"date-time":"2020-02-07T05:06:01Z","timestamp":1581051961000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-94496-8_2"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018]]},"ISBN":["9783319944951","9783319944968"],"references-count":46,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-94496-8_2","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2018]]},"assertion":[{"value":"20 June 2018","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ESSoS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Symposium on Engineering Secure Software and Systems","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Paris","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"France","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2018","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"26 June 2018","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"27 June 2018","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"10","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"essos2018","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/distrinet.cs.kuleuven.be\/events\/essos\/2018\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}