{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,30]],"date-time":"2026-04-30T23:23:54Z","timestamp":1777591434186,"version":"3.51.4"},"publisher-location":"New York, NY, USA","reference-count":47,"publisher":"ACM","license":[{"start":{"date-parts":[[2016,10,24]],"date-time":"2016-10-24T00:00:00Z","timestamp":1477267200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/501100001659","name":"Deutsche Forschungsgemeinschaft","doi-asserted-by":"publisher","award":["CRC1119"],"award-info":[{"award-number":["CRC1119"]}],"id":[{"id":"10.13039\/501100001659","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100002341","name":"Suomen Akatemia","doi-asserted-by":"publisher","award":["283135"],"award-info":[{"award-number":["283135"]}],"id":[{"id":"10.13039\/501100002341","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000180","name":"U.S. Department of Homeland Security","doi-asserted-by":"publisher","award":["14089-503866-DS"],"award-info":[{"award-number":["14089-503866-DS"]}],"id":[{"id":"10.13039\/100000180","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100004963","name":"Seventh Framework Programme","doi-asserted-by":"publisher","award":["643964"],"award-info":[{"award-number":["643964"]}],"id":[{"id":"10.13039\/501100004963","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100009226","name":"National Security Agency","doi-asserted-by":"publisher","award":["H98230-15-1-0276"],"award-info":[{"award-number":["H98230-15-1-0276"]}],"id":[{"id":"10.13039\/100009226","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2016,10,24]]},"DOI":"10.1145\/2976749.2978358","type":"proceedings-article","created":{"date-parts":[[2016,10,25]],"date-time":"2016-10-25T12:46:35Z","timestamp":1477399595000},"page":"743-754","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":213,"title":["C-FLAT"],"prefix":"10.1145","author":[{"given":"Tigist","family":"Abera","sequence":"first","affiliation":[{"name":"Technische Universit\u00e4t Darmstadt, Darmstadt, Germany"}]},{"given":"N.","family":"Asokan","sequence":"additional","affiliation":[{"name":"Aalto University, Espoo, Finland"}]},{"given":"Lucas","family":"Davi","sequence":"additional","affiliation":[{"name":"Technische Universit\u00e4t Darmstadt, Darmstadt, Germany"}]},{"given":"Jan-Erik","family":"Ekberg","sequence":"additional","affiliation":[{"name":"Trustonic, Helsinki, Finland"}]},{"given":"Thomas","family":"Nyman","sequence":"additional","affiliation":[{"name":"Aalto University &amp; Trustonic, Helsinki, Finland"}]},{"given":"Andrew","family":"Paverd","sequence":"additional","affiliation":[{"name":"Aalto University, Aalto, Finland"}]},{"given":"Ahmad-Reza","family":"Sadeghi","sequence":"additional","affiliation":[{"name":"Technische Universit\u00e4t Darmstadt, Darmstadt, Germany"}]},{"given":"Gene","family":"Tsudik","sequence":"additional","affiliation":[{"name":"University of California, Irvine, Irvine, USA"}]}],"member":"320","published-online":{"date-parts":[[2016,10,24]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1145\/1609956.1609960"},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978358"},{"issue":"14","key":"e_1_3_2_1_3_1","article-title":"Smashing the stack for fun and profit","volume":"49","author":"One Aleph","year":"2000","unstructured":"Aleph One . Smashing the stack for fun and profit . Phrack Magazine , 49 ( 14 ), 2000 . Aleph One. Smashing the stack for fun and profit. Phrack Magazine, 49(14), 2000.","journal-title":"Phrack Magazine"},{"key":"e_1_3_2_1_4_1","volume-title":"ARM Security Technology - Building a Secure System using TrustZone Technology","author":"Limited ARM","year":"2009","unstructured":"ARM Limited . ARM Security Technology - Building a Secure System using TrustZone Technology , 2009 . ARM Limited. ARM Security Technology - Building a Secure System using TrustZone Technology, 2009."},{"key":"e_1_3_2_1_5_1","volume-title":"Procedure call standard for the ARM architecture","author":"Ltd ARM","year":"2009","unstructured":"ARM Ltd . Procedure call standard for the ARM architecture , 2009 . ARM Ltd. Procedure call standard for the ARM architecture, 2009."},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/1867635.1867645"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/1966913.1966919"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1145\/2744769.2744922"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1145\/1455770.1455776"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1145\/1866307.1866370"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2016.23415"},{"key":"e_1_3_2_1_12_1","volume-title":"USENIX Security","author":"Chen S.","year":"2005","unstructured":"S. Chen , J. Xu , E. C. Sezer , P. Gauriar , and R. K. Iyer . Non-control-data attacks are realistic threats . In USENIX Security , 2005 . S. Chen, J. Xu, E. C. Sezer, P. Gauriar, and R. K. Iyer. Non-control-data attacks are realistic threats. In USENIX Security, 2005."},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1016\/0167-4048(93)90054-9"},{"key":"e_1_3_2_1_14_1","volume-title":"USENIX Security","author":"Costin A.","year":"2014","unstructured":"A. Costin , J. Zaddach , A. Francillon , and D. Balzarotti . A large scale analysis of the security of embedded firmwares . In USENIX Security , 2014 . A. Costin, J. Zaddach, A. Francillon, and D. Balzarotti. A large scale analysis of the security of embedded firmwares. In USENIX Security, 2014."},{"key":"e_1_3_2_1_15_1","volume-title":"ISOC NDSS","author":"Davi L.","year":"2012","unstructured":"L. Davi , A. Dmitrienko , M. Egele , T. Fischer , T. Holz , R. Hund , S. N\u00fcrnberger , and A.-R. Sadeghi . MoCFI : A framework to mitigate control-flow attacks on smartphones . In ISOC NDSS , 2012 . L. Davi, A. Dmitrienko, M. Egele, T. Fischer, T. Holz, R. Hund, S. N\u00fcrnberger, and A.-R. Sadeghi. MoCFI: A framework to mitigate control-flow attacks on smartphones. In ISOC NDSS, 2012."},{"key":"e_1_3_2_1_16_1","volume-title":"USENIX Security","author":"Davi L.","year":"2014","unstructured":"L. Davi , D. Lehmann , A.-R. Sadeghi , and F. Monrose . Stitching the gadgets: On the ineffectiveness of coarse-grained control-flow integrity protection . In USENIX Security , 2014 . L. Davi, D. Lehmann, A.-R. Sadeghi, and F. Monrose. Stitching the gadgets: On the ineffectiveness of coarse-grained control-flow integrity protection. In USENIX Security, 2014."},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/1655108.1655117"},{"key":"e_1_3_2_1_18_1","volume-title":"ISOC NDSS","author":"Eldefrawy K.","year":"2012","unstructured":"K. Eldefrawy , G. Tsudik , A. Francillon , and D. Perito . SMART: secure and minimal architecture for (establishing dynamic) root of trust . In ISOC NDSS , 2012 . K. Eldefrawy, G. Tsudik, A. Francillon, and D. Perito. SMART: secure and minimal architecture for (establishing dynamic) root of trust. In ISOC NDSS, 2012."},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/1455770.1455775"},{"key":"e_1_3_2_1_20_1","volume-title":"Virtual Machine Research And Technology Symposium","author":"Haldar V.","year":"2004","unstructured":"V. Haldar , D. Chandra , and M. Franz . Semantic remote attestation: A virtual machine directed approach to trusted computing . In Virtual Machine Research And Technology Symposium , 2004 . V. Haldar, D. Chandra, and M. Franz. Semantic remote attestation: A virtual machine directed approach to trusted computing. In Virtual Machine Research And Technology Symposium, 2004."},{"key":"e_1_3_2_1_21_1","volume-title":"Data-oriented programming: On the effectiveness of non-control data attacks","author":"Hu H.","year":"2016","unstructured":"H. Hu , S. Shinde , S. Adrian , Z. L. Chua , P. Saxena , and Z. Liang . Data-oriented programming: On the effectiveness of non-control data attacks . In IEEE S &P, 2016 . H. Hu, S. Shinde, S. Adrian, Z. L. Chua, P. Saxena, and Z. Liang. Data-oriented programming: On the effectiveness of non-control data attacks. In IEEE S&P, 2016."},{"key":"e_1_3_2_1_22_1","volume-title":"Remote attestation to dynamic system properties: Towards providing complete system integrity evidence","author":"Kil C.","year":"2009","unstructured":"C. Kil , E. Sezer , A. Azab , P. Ning , and X. Zhang . Remote attestation to dynamic system properties: Towards providing complete system integrity evidence . In IEEE\/IFIP DSN , 2009 . C. Kil, E. Sezer, A. Azab, P. Ning, and X. Zhang. Remote attestation to dynamic system properties: Towards providing complete system integrity evidence. In IEEE\/IFIP DSN, 2009."},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/996566.996771"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/2592798.2592824"},{"key":"e_1_3_2_1_25_1","volume-title":"Return oriented programming for the ARM architecture. Master's thesis","author":"Kornau T.","year":"2009","unstructured":"T. Kornau . Return oriented programming for the ARM architecture. Master's thesis , Ruhr-University Bochum , 2009 . T. Kornau. Return oriented programming for the ARM architecture. Master's thesis, Ruhr-University Bochum, 2009."},{"key":"e_1_3_2_1_26_1","volume-title":"USENIX OSDI","author":"Kuznetsov V.","year":"2014","unstructured":"V. Kuznetsov , L. Szekeres , M. Payer , G. Candea , R. Sekar , and D. Song . Code-pointer integrity . In USENIX OSDI , 2014 . V. Kuznetsov, L. Szekeres, M. Payer, G. Candea, R. Sekar, and D. Song. Code-pointer integrity. In USENIX OSDI, 2014."},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2014.25"},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/2046707.2046711"},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2010.17"},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1145\/1352592.1352625"},{"key":"e_1_3_2_1_31_1","volume-title":"Data execution prevention (DEP)","year":"2006","unstructured":"Microsoft. Data execution prevention (DEP) , 2006 . Microsoft. Data execution prevention (DEP), 2006."},{"key":"e_1_3_2_1_32_1","volume-title":"USENIX Security","author":"Noorman J.","year":"2013","unstructured":"J. Noorman , P. Agten , W. Daniels , R. Strackx , A. V. Herrewege , C. Huygens , B. Preneel , I. Verbauwhede , and F. Piessens . Sancus: Low-cost trustworthy extensible networked devices with a zero-software trusted computing base . In USENIX Security , 2013 . J. Noorman, P. Agten, W. Daniels, R. Strackx, A. V. Herrewege, C. Huygens, B. Preneel, I. Verbauwhede, and F. Piessens. Sancus: Low-cost trustworthy extensible networked devices with a zero-software trusted computing base. In USENIX Security, 2013."},{"key":"e_1_3_2_1_33_1","volume-title":"IARIA Cloud Computing","author":"Paolino M.","year":"2015","unstructured":"M. Paolino , A. Rigo , A. Spyridakis , J. Fangu\u00e8de , P. Lalov , and D. Raho . T-KVM: A trusted architecture for KVM ARM v7 and v8 virtual machines . In IARIA Cloud Computing , 2015 . M. Paolino, A. Rigo, A. Spyridakis, J. Fangu\u00e8de, P. Lalov, and D. Raho. T-KVM: A trusted architecture for KVM ARM v7 and v8 virtual machines. In IARIA Cloud Computing, 2015."},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1145\/2133375.2133377"},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1145\/1065907.1066038"},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.51"},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1145\/1095809.1095812"},{"key":"e_1_3_2_1_38_1","volume-title":"SWATT: Software-based attestation for embedded devices","author":"Seshadri A.","year":"2004","unstructured":"A. Seshadri , A. Perrig , L. van Doorn , and P. Khosla . SWATT: Software-based attestation for embedded devices . In IEEE S &P, 2004 . A. Seshadri, A. Perrig, L. van Doorn, and P. Khosla. SWATT: Software-based attestation for embedded devices. In IEEE S&P, 2004."},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1145\/1315245.1315313"},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2013.45"},{"key":"e_1_3_2_1_41_1","volume-title":"lpr LIBC RETURN exploit","author":"Designer Solar","year":"1997","unstructured":"Solar Designer . lpr LIBC RETURN exploit , 1997 . Solar Designer. lpr LIBC RETURN exploit, 1997."},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2013.13"},{"key":"e_1_3_2_1_43_1","volume-title":"USENIX Security","author":"Tice C.","year":"2014","unstructured":"C. Tice , T. Roeder , P. Collingbourne , S. Checkoway , \u00da. Erlingsson, L. Lozano , and G. Pike . Enforcing forward-edge control-flow integrity in GCC & LLVM . In USENIX Security , 2014 . C. Tice, T. Roeder, P. Collingbourne, S. Checkoway, \u00da. Erlingsson, L. Lozano, and G. Pike. Enforcing forward-edge control-flow integrity in GCC & LLVM. In USENIX Security, 2014."},{"key":"e_1_3_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2012.134"},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1371\/journal.pone.0107216"},{"key":"e_1_3_2_1_46_1","volume-title":"ARMv8-M architecture technical overview. https:\/\/community.arm.com\/docs\/DOC-10896","author":"Yiu J.","year":"2015","unstructured":"J. Yiu . ARMv8-M architecture technical overview. https:\/\/community.arm.com\/docs\/DOC-10896 , 2015 . J. Yiu. ARMv8-M architecture technical overview. https:\/\/community.arm.com\/docs\/DOC-10896, 2015."},{"key":"e_1_3_2_1_47_1","volume-title":"USENIX Security","author":"Zhang M.","year":"2013","unstructured":"M. Zhang and R. Sekar . Control flow integrity for COTS binaries . In USENIX Security , 2013 . M. Zhang and R. Sekar. Control flow integrity for COTS binaries. In USENIX Security, 2013."}],"event":{"name":"CCS'16: 2016 ACM SIGSAC Conference on Computer and Communications Security","location":"Vienna Austria","acronym":"CCS'16","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2976749.2978358","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2976749.2978358","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T03:40:14Z","timestamp":1750218014000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2976749.2978358"}},"subtitle":["Control-Flow Attestation for Embedded Systems Software"],"short-title":[],"issued":{"date-parts":[[2016,10,24]]},"references-count":47,"alternative-id":["10.1145\/2976749.2978358","10.1145\/2976749"],"URL":"https:\/\/doi.org\/10.1145\/2976749.2978358","relation":{},"subject":[],"published":{"date-parts":[[2016,10,24]]},"assertion":[{"value":"2016-10-24","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}