{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,23]],"date-time":"2025-10-23T21:06:22Z","timestamp":1761253582898,"version":"3.37.3"},"reference-count":41,"publisher":"Springer Science and Business Media LLC","issue":"3","license":[{"start":{"date-parts":[[2021,11,6]],"date-time":"2021-11-06T00:00:00Z","timestamp":1636156800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2021,11,6]],"date-time":"2021-11-06T00:00:00Z","timestamp":1636156800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"funder":[{"DOI":"10.13039\/100009226","name":"National Security Agency","doi-asserted-by":"publisher","award":["H98230-18-D-0010"],"award-info":[{"award-number":["H98230-18-D-0010"]}],"id":[{"id":"10.13039\/100009226","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000001","name":"National Science Foundation","doi-asserted-by":"publisher","award":["CNS-1739328"],"award-info":[{"award-number":["CNS-1739328"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000161","name":"National Institute of Standards and Technology","doi-asserted-by":"publisher","award":["70NANB17H266"],"award-info":[{"award-number":["70NANB17H266"]}],"id":[{"id":"10.13039\/100000161","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Int. J. Inf. Secur."],"published-print":{"date-parts":[[2022,6]]},"DOI":"10.1007\/s10207-021-00568-1","type":"journal-article","created":{"date-parts":[[2021,11,6]],"date-time":"2021-11-06T17:02:48Z","timestamp":1636218168000},"page":"597-610","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":2,"title":["Data space randomization for securing cyber-physical systems"],"prefix":"10.1007","volume":"21","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-2049-2546","authenticated-orcid":false,"given":"Bradley","family":"Potteiger","sequence":"first","affiliation":[]},{"given":"Feiyang","family":"Cai","sequence":"additional","affiliation":[]},{"given":"Zhenkai","family":"Zhang","sequence":"additional","affiliation":[]},{"given":"Xenofon","family":"Koutsoukos","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2021,11,6]]},"reference":[{"key":"568_CR1","doi-asserted-by":"crossref","unstructured":"Abbas, Z., Rehman, M.-U., Najam, S., Rizvi, S.D.: An efficient gray-level co-occurrence matrix (GLCM) based approach towards classification of skin lesion. In: 2019 Amity International Conference on Artificial Intelligence (AICAI), pp. 317\u2013320. IEEE (2019)","DOI":"10.1109\/AICAI.2019.8701374"},{"key":"568_CR2","unstructured":"Andersen, L.O.: Program analysis and specialization for the C programming language. Ph.D. thesis, University of Cophenhagen (1994)"},{"key":"568_CR3","doi-asserted-by":"crossref","unstructured":"Anderson, P.: Coding standards for high-confidence embedded systems. In: MILCOM 2008-2008 IEEE Military Communications Conference, pp. 1\u20137. IEEE (2008)","DOI":"10.1109\/MILCOM.2008.4753206"},{"key":"568_CR4","doi-asserted-by":"publisher","first-page":"1491","DOI":"10.1109\/TSE.1985.231893","volume":"12","author":"A Avizienis","year":"1985","unstructured":"Avizienis, A.: The n-version approach to fault-tolerant software. IEEE Trans. Softw. Eng. 12, 1491\u20131501 (1985)","journal-title":"IEEE Trans. Softw. Eng."},{"key":"568_CR5","unstructured":"Barr, P., Narin, A., Varia, J.: Building fault-tolerant applications on AWS. Amazon Web Services, pp. 1\u201315 (2011)"},{"key":"568_CR6","unstructured":"Bhatkar, S., Sekar, S.: Data space randomization. In: Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (2008)"},{"key":"568_CR7","doi-asserted-by":"crossref","unstructured":"Bhatkar, S., Sekar, S.: Data space randomization. In: International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, pp. 1\u201322. Springer (2008)","DOI":"10.1007\/978-3-540-70542-0_1"},{"issue":"1","key":"568_CR8","first-page":"6","volume":"48","author":"B Blair","year":"2018","unstructured":"Blair, B.: Strengthening checks on presidential nuclear launch authority. Arms Control Today 48(1), 6\u201313 (2018)","journal-title":"Arms Control Today"},{"key":"568_CR9","unstructured":"Cadar, C., Akritidis, P., Costa, M., Martin, J.-P., Castro, M.: Data randomization. Technical report, technical report TR-2008-120, Microsoft Research, 2008. Cited on (2008)"},{"key":"568_CR10","unstructured":"Capelletti, M.: Unlinker: an approach to identify original compilation units in stripped binaries (2017)"},{"issue":"3","key":"568_CR11","first-page":"3","volume":"46","author":"RN Charette","year":"2009","unstructured":"Charette, R.N.: This car runs on code. IEEE Spectr. 46(3), 3 (2009)","journal-title":"IEEE Spectr."},{"key":"568_CR12","unstructured":"Chen, S., Xu, J., Nakka, N., Kalbarczyk, Z., Iyer, R.K.: Defeating memory corruption attacks via pointer taintedness detection. In: 2005 International Conference on Dependable Systems and Networks (DSN\u201905), pp. 378\u2013387. IEEE (2005)"},{"key":"568_CR13","unstructured":"Chen, S., Xu, J., Sezer, E.C., Gauriar, P., Iyer, R.K.: Non-control-data attacks are realistic threats. In: USENIX Security Symposium, vol. 5 (2005)"},{"key":"568_CR14","doi-asserted-by":"crossref","unstructured":"Co, M., Davidson, J.W., Hiser, J.D., Knight, J.C., Nguyen-Tuong, J.C., Weimer, W., Burket, J., Frazier, G.L., Frazier, T.M., Dutertre B., et al.: Double helix and raven: a system for cyber fault tolerance and recovery. In: Proceedings of the 11th Annual Cyber and Information Security Research Conference, pp. 1\u20134 (2016)","DOI":"10.1145\/2897795.2897805"},{"key":"568_CR15","volume-title":"Beaglebone Black System Reference Manual","author":"G Coley","year":"2013","unstructured":"Coley, G.: Beaglebone Black System Reference Manual. Texas Instruments, Dallas (2013)"},{"key":"568_CR16","unstructured":"Cowan, B., Beattie, S., Johansen, S., Wagle, P.: Pointguard TM: protecting pointers from buffer overflow vulnerabilities. In: Proceedings of the 12th Conference on USENIX Security Symposium, vol. 12, pp. 91\u2013104 (2003)"},{"key":"568_CR17","doi-asserted-by":"crossref","unstructured":"Crandall, J.R., Chong, F.T.: Minos: control data attack prevention orthogonal to memory model. In: Proceedings of the 37th Annual IEEE\/ACM International Symposium on Microarchitecture, pp. 221\u2013232. IEEE Computer Society (2004)","DOI":"10.1109\/MICRO.2004.26"},{"key":"568_CR18","doi-asserted-by":"crossref","unstructured":"Demay, J.-C., Totel, J.-C., Tronel, F.: Sidan: a tool dedicated to software instrumentation for detecting attacks on non-control-data. In: 2009 Fourth International Conference on Risks and Security of Internet and Systems (CRiSIS 2009), pp. 51\u201358. IEEE (2009)","DOI":"10.1109\/CRISIS.2009.5411977"},{"key":"568_CR19","unstructured":"Dinaburg, A., Ruef, A.: Mcsema: static translation of x86 instructions to llvm. In: ReCon 2014 Conference, Montreal, Canada (2014)"},{"key":"568_CR20","unstructured":"Disassembler, I.P.: Debugger (2010)"},{"key":"568_CR21","unstructured":"Dosovitskiy, A., Ros, G., Codevilla, F., Lopez, A., Koltun, V.: Carla: An open urban driving simulator. arXiv preprint arXiv:1711.03938 (2017)"},{"issue":"1","key":"568_CR22","first-page":"14","volume":"13","author":"C Gorgovan","year":"2016","unstructured":"Gorgovan, C., D\u2019antras, A., Luj\u00e1n, M.: MAMBO: a low-overhead dynamic binary modification tool for ARM. ACM Trans. Archit. Code Optim. TACO 13(1), 14 (2016)","journal-title":"ACM Trans. Archit. Code Optim. TACO"},{"key":"568_CR23","unstructured":"Hilderman, V., Baghi, T.: Avionics certification: a complete guide to DO-178 (software), DO-254 (hardware). Avionics Communications (2007)"},{"key":"568_CR24","doi-asserted-by":"crossref","unstructured":"Homescu, A., Neisius, S., Larsen, S., Brunthaler, S., Franz, S.: Profile-guided automated software diversity. In: Proceedings of the 2013 IEEE\/ACM International Symposium on Code Generation and Optimization (CGO), pp. 1\u201311. IEEE (2013)","DOI":"10.1109\/CGO.2013.6494997"},{"key":"568_CR25","doi-asserted-by":"crossref","unstructured":"Hu, H., Shinde, S., Adrian, S., Chua, Z.L., Saxena, P., Liang, Z.: Data-oriented programming: on the expressiveness of non-control data attacks. In: 2016 IEEE Symposium on Security and Privacy (SP). IEEE, pp. 969\u2013986 (2016)","DOI":"10.1109\/SP.2016.62"},{"key":"568_CR26","unstructured":"Lattner, C., Adve, C.: LLVM: a compilation framework for lifelong program analysis & transformation. In: International Symposium on Code Generation and Optimization, 2004. CGO 2004, pp. 75\u201386. IEEE (2004)"},{"key":"568_CR27","unstructured":"Lattner, C., et al.: The LLVM compiler infrastructure. http:\/\/llvm.org (2010)"},{"key":"568_CR28","unstructured":"Markl, C.: Case study on LLVM as suitable intermediate language for binary analysis. ret, 32:0"},{"key":"568_CR29","unstructured":"Miller, C., Valasek, C.: Remote exploitation of an unaltered passenger vehicle. Black Hat USA, 2015 (2015)"},{"key":"568_CR30","unstructured":"Miller, C., Valasek, C.: Securing self-driving cars (one company at a time). In: Presented at Black Hat (2018)"},{"key":"568_CR31","doi-asserted-by":"crossref","unstructured":"Naphade, M., Anastasiu, D.C., Sharma, A., Jagrlamudi, V., Jeon, H., Liu, H., Chang, M.-C., Lyu, S., Gao, S.: The NVIDIA AI city challenge. In: 2017 IEEE SmartWorld, Ubiquitous Intelligence & Computing, Advanced & Trusted Computed, Scalable Computing & Communications, Cloud & Big Data Computing, Internet of People and Smart City Innovation (SmartWorld\/SCALCOM\/UIC\/ATC\/CBDCom\/IOP\/SCI), pp. 1\u20136. IEEE (2017)","DOI":"10.1109\/UIC-ATC.2017.8397673"},{"key":"568_CR32","doi-asserted-by":"crossref","unstructured":"Okhravi, H., Hobson, T., Bigelow, D., Streilein, W.: Finding focus in the blur of moving-target techniques. IEEE Security and Privacy (2014)","DOI":"10.21236\/ADA591804"},{"key":"568_CR33","unstructured":"One, A.: Smashing the stack for fun and profit (1996). See http:\/\/www.phrack.org\/show.php (2007)"},{"key":"568_CR34","doi-asserted-by":"crossref","unstructured":"Potteiger, B., Zhang, Z., Koutsoukos, X.: Integrated data space randomization and control reconfiguration for securing cyber-physical systems. In: Proceedings of the 6th Annual Symposium on Hot Topics in the Science of Security, p. 3. ACM (2019)","DOI":"10.1145\/3314058.3314064"},{"key":"568_CR35","doi-asserted-by":"publisher","first-page":"102954","DOI":"10.1016\/j.micpro.2019.102954","volume":"73","author":"B Potteiger","year":"2020","unstructured":"Potteiger, B., Zhang, Z., Koutsoukos, X.: Integrated moving target defense and control reconfiguration for securing cyber-physical systems. Microprocess. Microsyst. 73, 102954 (2020)","journal-title":"Microprocess. Microsyst."},{"issue":"5","key":"568_CR36","doi-asserted-by":"publisher","first-page":"1467","DOI":"10.1145\/186025.186041","volume":"16","author":"G Ramalingam","year":"1994","unstructured":"Ramalingam, G.: The undecidability of aliasing. ACM Trans. Program. Lang. Syst. TOPLAS 16(5), 1467\u20131471 (1994)","journal-title":"ACM Trans. Program. Lang. Syst. TOPLAS"},{"key":"568_CR37","doi-asserted-by":"crossref","unstructured":"Schuster, F., Tendyck, T., Liebchen, C., Davi, L., Sadeghi, A.-R., Holz, A.-R.: Counterfeit object-oriented programming: on the difficulty of preventing code reuse attacks in c++ applications. In 2015 IEEE Symposium on Security and Privacy (SP), pp. 745\u2013762. IEEE (2015)","DOI":"10.1109\/SP.2015.51"},{"issue":"1","key":"568_CR38","first-page":"223","volume":"6","author":"M Shakir","year":"2016","unstructured":"Shakir, M., Rehman, O.U., Abbas, Z., Masood, A., Shahid, W.: Evaluation of video quality in wireless multimedia sensor networks. Int. J. Electr. Comput. Eng. 6(1), 223 (2016)","journal-title":"Int. J. Electr. Comput. Eng."},{"key":"568_CR39","doi-asserted-by":"crossref","unstructured":"Sui, Y., Xue, Y.: SVF: interprocedural static value-flow analysis in LLVM. In: Proceedings of the 25th International Conference on Compiler Construction, pp. 265\u2013266. ACM (2016)","DOI":"10.1145\/2892208.2892235"},{"key":"568_CR40","doi-asserted-by":"crossref","unstructured":"Wang, C., Kim, H.-S., Wu, Y., Ying, V.: Compiler-managed software-based redundant multi-threading for transient fault detection. In: Proceedings of the International Symposium on Code Generation and Optimization, pp. 244\u2013258. IEEE Computer Society (2007)","DOI":"10.1109\/CGO.2007.7"},{"issue":"1","key":"568_CR41","doi-asserted-by":"publisher","first-page":"277","DOI":"10.1111\/j.1539-6924.2006.00712.x","volume":"26","author":"TW Yellman","year":"2006","unstructured":"Yellman, T.W.: Redundancy in designs. Risk Anal. Int. J. 26(1), 277\u2013286 (2006)","journal-title":"Risk Anal. Int. J."}],"container-title":["International Journal of Information Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10207-021-00568-1.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s10207-021-00568-1\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10207-021-00568-1.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,9,11]],"date-time":"2024-09-11T17:15:29Z","timestamp":1726074929000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s10207-021-00568-1"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,11,6]]},"references-count":41,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2022,6]]}},"alternative-id":["568"],"URL":"https:\/\/doi.org\/10.1007\/s10207-021-00568-1","relation":{},"ISSN":["1615-5262","1615-5270"],"issn-type":[{"type":"print","value":"1615-5262"},{"type":"electronic","value":"1615-5270"}],"subject":[],"published":{"date-parts":[[2021,11,6]]},"assertion":[{"value":"6 November 2021","order":1,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"This article does not contain any studies with human participants or animals performed by any of the authors.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Ethical approval"}}]}}