{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,22]],"date-time":"2025-12-22T22:32:10Z","timestamp":1766442730295,"version":"3.48.0"},"publisher-location":"New York, NY, USA","reference-count":67,"publisher":"ACM","license":[{"start":{"date-parts":[[2025,11,22]],"date-time":"2025-11-22T00:00:00Z","timestamp":1763769600000},"content-version":"vor","delay-in-days":3,"URL":"http:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100000001","name":"National Science Foundation","doi-asserted-by":"publisher","award":["2512972, 2508320, 2523436, 2521803, and 2154415"],"award-info":[{"award-number":["2512972, 2508320, 2523436, 2521803, and 2154415"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]},{"name":"Amazon Research Award"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2025,11,19]]},"DOI":"10.1145\/3719027.3765039","type":"proceedings-article","created":{"date-parts":[[2025,11,22]],"date-time":"2025-11-22T23:42:02Z","timestamp":1763854922000},"page":"2474-2488","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":0,"title":["'We just did not have that on the embedded system': Insights and Challenges for Securing Microcontroller Systems from the Embedded CTF Competitions"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0009-5631-0466","authenticated-orcid":false,"given":"Zheyuan","family":"Ma","sequence":"first","affiliation":[{"name":"CactiLab, University at Buffalo, Buffalo, NY, USA"}]},{"ORCID":"https:\/\/orcid.org\/0009-0004-9304-8317","authenticated-orcid":false,"given":"Gaoxiang","family":"Liu","sequence":"additional","affiliation":[{"name":"CactiLab, University at Buffalo, Buffalo, NY, USA"}]},{"ORCID":"https:\/\/orcid.org\/0009-0008-8774-8885","authenticated-orcid":false,"given":"Alex","family":"Eastman","sequence":"additional","affiliation":[{"name":"CactiLab, University at Buffalo, Buffalo, NY, USA"}]},{"ORCID":"https:\/\/orcid.org\/0009-0002-4217-8897","authenticated-orcid":false,"given":"Kai","family":"Kaufman","sequence":"additional","affiliation":[{"name":"Worcester Polytechnic Institute, Worcester, MA, USA"}]},{"ORCID":"https:\/\/orcid.org\/0009-0004-5264-7962","authenticated-orcid":false,"given":"Md","family":"Armanuzzaman","sequence":"additional","affiliation":[{"name":"CactiLab, Northeastern University, Boston, MA, USA"}]},{"ORCID":"https:\/\/orcid.org\/0009-0001-6368-1523","authenticated-orcid":false,"given":"Xi","family":"Tan","sequence":"additional","affiliation":[{"name":"SUNRISE Lab, University of Colorado Colorado Springs, Colorado Springs, CO, USA"}]},{"ORCID":"https:\/\/orcid.org\/0009-0001-8957-4507","authenticated-orcid":false,"given":"Katherine","family":"Jesse","sequence":"additional","affiliation":[{"name":"Worcester Polytechnic Institute, Worcester, MA, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1338-6403","authenticated-orcid":false,"given":"Robert J.","family":"Walls","sequence":"additional","affiliation":[{"name":"Worcester Polytechnic Institute, Worcester, MA, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4930-5556","authenticated-orcid":false,"given":"Ziming","family":"Zhao","sequence":"additional","affiliation":[{"name":"CactiLab, Northeastern University, Boston, MA, USA"}]}],"member":"320","published-online":{"date-parts":[[2025,11,22]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"Network and Distributed System Security Symposium (NDSS).","author":"Almakhdhub Naif Saleh","year":"2020","unstructured":"Naif Saleh Almakhdhub, Abraham A Clements, Saurabh Bagchi, and Mathias Payer. 2020. \u03bcRAI: Securing Embedded Systems with Return Address Integrity. In Network and Distributed System Security Symposium (NDSS)."},{"key":"e_1_3_2_1_2_1","unstructured":"ARM. 2024. CMSIS - Common Microcontroller Software Interface Standard. https:\/\/arm-software.github.io\/CMSIS_6\/latest\/General\/index.html."},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.23919\/DATE.2018.8342161"},{"key":"e_1_3_2_1_4_1","unstructured":"The Embedded Rust Book. 2024a. A no_std Rust Environment. https:\/\/docs.rust-embedded.org\/book\/intro\/no-std.html."},{"key":"e_1_3_2_1_5_1","unstructured":"The Embedded Rust Book. 2024b. Memory Mapped Registers. https:\/\/docs.rust-embedded.org\/book\/start\/registers.html."},{"key":"e_1_3_2_1_6_1","unstructured":"The Embedded Rust Book. 2024c. Unsafe Rust. https:\/\/doc.rust-lang.org\/book\/ch19-01-unsafe-rust.html."},{"key":"e_1_3_2_1_7_1","volume-title":"NC","author":"Brown Robert G","year":"2018","unstructured":"Robert G Brown, Dirk Eddelbuettel, and David Bauer. 2018. Dieharder. Duke University Physics Department Durham, NC (2018), 27708-0305."},{"key":"e_1_3_2_1_8_1","unstructured":"Kevin Chung and Julian Cohen. 2014. Learning Obstacles in the Capture The Flag Model. In USENIX Summit 3GSE."},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"crossref","unstructured":"Victoria Clarke and Virginia Braun. 2014. Thematic Analysis. 1947-1952.","DOI":"10.1007\/978-1-4614-5583-7_311"},{"key":"e_1_3_2_1_10_1","volume-title":"ACES: Automatic Compartments for Embedded Systems. In USENIX Security Symposium.","author":"Clements Abraham A","year":"2018","unstructured":"Abraham A Clements, Naif Saleh Almakhdhub, Saurabh Bagchi, and Mathias Payer. 2018. ACES: Automatic Compartments for Embedded Systems. In USENIX Security Symposium."},{"key":"e_1_3_2_1_11_1","volume-title":"Protecting Bare-Metal Embedded Systems with Privilege Overlays. In IEEE Symposium on Security and Privacy (S&P).","author":"Clements Abraham A","year":"2017","unstructured":"Abraham A Clements, Naif Saleh Almakhdhub, Khaled S Saab, Prashast Srivastava, Jinkyu Koo, Saurabh Bagchi, and Mathias Payer. 2017. Protecting Bare-Metal Embedded Systems with Privilege Overlays. In IEEE Symposium on Security and Privacy (S&P)."},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1109\/DISCEX.2003.1194923"},{"key":"e_1_3_2_1_13_1","unstructured":"Analog Devices. 2024a. MAX78000FTHR. https:\/\/www.analog.com\/en\/resources\/evaluation-hardware-and-software\/evaluation-boards-kits\/max78000fthr.html."},{"key":"e_1_3_2_1_14_1","unstructured":"Analog Devices. 2024b. UG-7456: MAX78000 User Guide (Rev.1). https:\/\/www.analog.com\/media\/en\/technical-documentation\/user-guides\/max78000-user-guide.pdf."},{"key":"e_1_3_2_1_15_1","unstructured":"Docs.rs. 2024. zeroize - Rust. https:\/\/docs.rs\/zeroize\/latest\/zeroize\/."},{"key":"e_1_3_2_1_16_1","volume-title":"Holistic Control-Flow Protection on Real-Time Embedded Systems with Kage. In USENIX Security Symposium.","author":"Du Yufei","year":"2022","unstructured":"Yufei Du, Zhuojia Shen, Komail Dharsee, Jie Zhou, Robert J Walls, and John Criswell. 2022. Holistic Control-Flow Protection on Real-Time Embedded Systems with Kage. In USENIX Security Symposium."},{"key":"e_1_3_2_1_17_1","volume-title":"Bernstein et al","author":"Daniel","year":"2024","unstructured":"Daniel J. Bernstein et al., 2024. Monocypher. https:\/\/monocypher.org\/."},{"key":"e_1_3_2_1_18_1","volume-title":"Symposium on Usable Privacy and Security (SOUPS).","author":"Fulton Kelsey R","year":"2021","unstructured":"Kelsey R Fulton, Anna Chan, Daniel Votipka, Michael Hicks, and Michelle L Mazurek. 2021. Benefits and Drawbacks of Adopting a Secure Programming Language: Rust as a Case Study. In Symposium on Usable Privacy and Security (SOUPS)."},{"key":"e_1_3_2_1_19_1","unstructured":"Ricardo Garcia and Alex Young. 2011. bCrypt. https:\/\/github.com\/rg3\/libbcrypt."},{"key":"e_1_3_2_1_20_1","volume-title":"ERHARD-RNG: A Random Number Generator Built from Repurposed Hardware in Embedded Systems. arXiv preprint","author":"Grycel Jacob","year":"1903","unstructured":"Jacob Grycel and Robert J Walls. 2019. ERHARD-RNG: A Random Number Generator Built from Repurposed Hardware in Embedded Systems. arXiv preprint 1903.09365 (2019)."},{"key":"e_1_3_2_1_21_1","volume-title":"Analysis of the Linux Random Number Generator. In IEEE Symposium on Security and Privacy (S&P).","author":"Gutterman Zvi","year":"2006","unstructured":"Zvi Gutterman, Benny Pinkas, and Tzachy Reinman. 2006. Analysis of the Linux Random Number Generator. In IEEE Symposium on Security and Privacy (S&P)."},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/1506409.1506429"},{"key":"e_1_3_2_1_23_1","unstructured":"Booz Allen Hamilton and Maryland Cybersecurity Center. 2025. Built It Break It Fix It. https:\/\/builditbreakit.org\/."},{"key":"e_1_3_2_1_24_1","unstructured":"Hugrun Hannesdottir. 2021. Teaching IoT Security using CTF Problems. Ph.D. Dissertation. Carnegie Mellon University."},{"key":"e_1_3_2_1_25_1","volume-title":"Mining Your Ps and Qs: Detection of Widespread Weak Keys in Network Devices. In USENIX Security Symposium.","author":"Heninger Nadia","year":"2012","unstructured":"Nadia Heninger, Zakir Durumeric, Eric Wustrow, and J Alex Halderman. 2012. Mining Your Ps and Qs: Detection of Widespread Weak Keys in Network Devices. In USENIX Security Symposium."},{"key":"e_1_3_2_1_26_1","unstructured":"Texas Instruments. 2024. EK-TM4C123G. https:\/\/ti.com\/tool\/EK-TM4C123GXL."},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","unstructured":"Meltem Sonmez Turan John M. Kelsey Kerry McKay. 2018. Recommendation for the Entropy Sources Used for Random Bit Generation. https:\/\/doi.org\/10.6028\/NIST.SP.800-90B.","DOI":"10.6028\/NIST.SP.800-90B"},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1109\/INDIN51773.2022.9976079"},{"key":"e_1_3_2_1_29_1","unstructured":"Chung Hwan Kim Taegyu Kim Hongjun Choi Zhongshu Gu Byoungyoung Lee Xiangyu Zhang and Dongyan Xu. 2018. Securing Real-Time Microcontroller Systems through Customized Memory View Switching. In NDSS."},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1145\/3356773.3356798"},{"key":"e_1_3_2_1_31_1","volume-title":"USENIX Security Symposium.","author":"Kwon Donghyun","year":"2019","unstructured":"Donghyun Kwon, Jangseop Shin, Giyeol Kim, Byoungyoung Lee, Yeongpil Cho, and Yunheung Paek. 2019. uXOM: Efficient eXecute-Only Memory on Arm Cortex-M. In USENIX Security Symposium."},{"key":"e_1_3_2_1_32_1","volume-title":"fASLR: Function-Based ASLR via TrustZone-M and MPU for Resource-Constrained IoT Systems","author":"Luo Lan","year":"2022","unstructured":"Lan Luo, Xinhui Shao, Zhen Ling, Huaiyu Yan, Yumeng Wei, and Xinwen Fu. 2022. fASLR: Function-Based ASLR via TrustZone-M and MPU for Resource-Constrained IoT Systems. IEEE Internet of Things Journal (2022)."},{"key":"e_1_3_2_1_33_1","volume-title":"Return-to-Non-Secure Vulnerabilities on ARM Cortex-M TrustZone: Attack and Defense. In ACM\/IEEE Design Automation Conference.","author":"Ma Zheyuan","year":"2023","unstructured":"Zheyuan Ma, Xi Tan, Lukasz Ziarek, Ning Zhang, Hongxin Hu, and Ziming Zhao. 2023. Return-to-Non-Secure Vulnerabilities on ARM Cortex-M TrustZone: Attack and Defense. In ACM\/IEEE Design Automation Conference."},{"key":"e_1_3_2_1_34_1","unstructured":"Linux manual page. 2024. execstack(8). https:\/\/man7.org\/linux\/man-pages\/man8\/execstack.8.html."},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1145\/3359174"},{"key":"e_1_3_2_1_36_1","unstructured":"MITRE. 2023. eCTF: 2023 Awards Ceremony. https:\/\/youtu.be\/QDfeKUtRf8o."},{"key":"e_1_3_2_1_37_1","unstructured":"MITRE. 2024a. 2024 Participation Agreement. https:\/\/ectf.mitre.org\/wp-content\/uploads\/2023\/12\/eCTF-Participant-Agreement-2024.pdf."},{"key":"e_1_3_2_1_38_1","unstructured":"MITRE. 2024b. eCTF: 2024 Awards Ceremony. https:\/\/youtu.be\/an5utl-nto."},{"key":"e_1_3_2_1_39_1","unstructured":"MITRE. 2024c. eCTF Past Competitions. https:\/\/ectf.mitre.org\/past-competitions\/."},{"key":"e_1_3_2_1_40_1","unstructured":"MITRE. 2024d. Embedded Capture the Flag (eCTF). https:\/\/ectf.mitre.org\/."},{"key":"e_1_3_2_1_41_1","unstructured":"newlib. 2024. stack_protector.c at bpf-port. https:\/\/github.com\/anza-xyz\/newlib\/blob\/bpf-port\/newlib\/libc\/ssp\/stack_protector.c."},{"key":"e_1_3_2_1_42_1","volume-title":"Unveiling IoT Security in Reality: A Firmware-Centric Journey. In USENIX Security Symposium.","author":"Nino Nicolas","year":"2024","unstructured":"Nicolas Nino, Ruibo Lu, Wei Zhou, Kyu Hyung Lee, Ziming Zhao, and Le Guan. 2024. Unveiling IoT Security in Reality: A Firmware-Centric Journey. In USENIX Security Symposium."},{"key":"e_1_3_2_1_43_1","unstructured":"OpenSSL. 2014. The Heartbleed Bug. https:\/\/heartbleed.com\/."},{"key":"e_1_3_2_1_44_1","unstructured":"Otter.ai. 2025. Otter.ai - AI Meeting Note Taker. https:\/\/otter.ai\/."},{"key":"e_1_3_2_1_45_1","volume-title":"Break It","author":"Parker James","year":"2020","unstructured":"James Parker, Michael Hicks, Andrew Ruef, Michelle L Mazurek, Dave Levin, Daniel Votipka, Piotr Mardziel, and Kelsey R Fulton. 2020. Build It, Break It, Fix It: Contesting Secure Development. ACM Transactions on Privacy and Security (2020)."},{"key":"e_1_3_2_1_46_1","volume-title":"Fix It: Contesting Secure Development. In ACM SIGSAC Conference on Computer and Communications Security (CCS).","author":"Ruef Andrew","year":"2016","unstructured":"Andrew Ruef, Michael Hicks, James Parker, Dave Levin, Michelle L Mazurek, and Piotr Mardziel. 2016. Build It, Break It, Fix It: Contesting Secure Development. In ACM SIGSAC Conference on Computer and Communications Security (CCS)."},{"key":"e_1_3_2_1_47_1","doi-asserted-by":"crossref","unstructured":"Andrew Rukhin Juan Soto James Nechvatal Miles Smid Elaine Barker Stefan Leigh Mark Levenson Mark Vangel David Banks Alan Heckert et al. 2001. A statistical test suite for random and pseudorandom number generators for cryptographic applications. US National Institute of Standards and Technology.","DOI":"10.6028\/NIST.SP.800-22"},{"key":"e_1_3_2_1_48_1","unstructured":"Rust. 2024a. Crate svd2rust. https:\/\/docs.rs\/svd2rust\/."},{"key":"e_1_3_2_1_49_1","unstructured":"Rust. 2024b. std - The Rust Standard Library. https:\/\/doc.rust-lang.org\/std\/."},{"key":"e_1_3_2_1_50_1","doi-asserted-by":"publisher","DOI":"10.4135\/9781036235611"},{"key":"e_1_3_2_1_51_1","unstructured":"Michael Savage. 2017. C tricks: macro to disable optimisations. https:\/\/mikejsavage.co.uk\/cpp-tricks-disable-optimisations-macro\/."},{"key":"e_1_3_2_1_52_1","volume-title":"Rust for Embedded Systems: Current State and Open Problems. In ACM SIGSAC Conference on Computer and Communications Security (CCS).","author":"Sharma Ayushi","year":"2024","unstructured":"Ayushi Sharma, Shashank Sharma, Sai Ritvik Tanksalkar, Santiago Torres-Arias, and Aravind Machiry. 2024. Rust for Embedded Systems: Current State and Open Problems. In ACM SIGSAC Conference on Computer and Communications Security (CCS)."},{"key":"e_1_3_2_1_53_1","volume-title":"HARM: Hardware-Assisted Continuous Re-randomization for Microcontrollers. In IEEE European Symposium on Security and Privacy (EuroS&P).","author":"Shi Jiameng","year":"2022","unstructured":"Jiameng Shi, Le Guan, Wenqiang Li, Dayou Zhang, Ping Chen, and Ning Zhang. 2022. HARM: Hardware-Assisted Continuous Re-randomization for Microcontrollers. In IEEE European Symposium on Security and Privacy (EuroS&P)."},{"key":"e_1_3_2_1_54_1","unstructured":"Huzaifa Sidhpurwala. 2019. Hardening ELF binaries using Relocation Read-Only (RELRO). https:\/\/www.redhat.com\/en\/blog\/hardening-elf-binaries-using-relocation-read-only-relro."},{"key":"e_1_3_2_1_55_1","volume-title":"SoK: Eternal War in Memory. In IEEE Symposium on Security and Privacy (S&P).","author":"Szekeres L\u00e1szl\u00f3","year":"2013","unstructured":"L\u00e1szl\u00f3 Szekeres, Mathias Payer, Tao Wei, and Dawn Song. 2013. SoK: Eternal War in Memory. In IEEE Symposium on Security and Privacy (S&P)."},{"key":"e_1_3_2_1_56_1","volume-title":"USENIX WOOT Conference on Offensive Technologies.","author":"Tan Xi","year":"2024","unstructured":"Xi Tan, Zheyuan Ma, Sandro Pinto, Le Guan, Ning Zhang, Jun Xu, Zhiqiang Lin, Hongxin Hu, and Ziming Zhao. 2024a. SoK: Where's the ''up''?! A Comprehensive (bottom-up) Study on the Security of Arm Cortex-M Systems. In USENIX WOOT Conference on Offensive Technologies."},{"key":"e_1_3_2_1_57_1","doi-asserted-by":"publisher","DOI":"10.1145\/3605098.3635925"},{"key":"e_1_3_2_1_58_1","volume-title":"SHERLOC: Secure and Holistic Control-Flow Violation Detection on Embedded Systems. In ACM SIGSAC Conference on Computer and Communications Security (CCS).","author":"Tan Xi","year":"2023","unstructured":"Xi Tan and Ziming Zhao. 2023. SHERLOC: Secure and Holistic Control-Flow Violation Detection on Embedded Systems. In ACM SIGSAC Conference on Computer and Communications Security (CCS)."},{"key":"e_1_3_2_1_59_1","volume-title":"CTF-as-a-service for Security Education. In USENIX Workshop on Advances in Security Education (ASE).","author":"Trickel Erik","year":"2017","unstructured":"Erik Trickel, Francesco Disperati, Eric Gustafson, Faezeh Kalantari, Mike Mabey, Naveen Tiwari, Yeganeh Safaei, Adam Doup\u00e9, and Giovanni Vigna. 2017. Shell We Play A Game? CTF-as-a-service for Security Education. In USENIX Workshop on Advances in Security Education (ASE)."},{"key":"e_1_3_2_1_60_1","volume-title":"The Impact of Software Security Practices on Development Effort: An Initial Survey. In ACM\/IEEE International Symposium ESEM.","author":"Venson Elaine","year":"2019","unstructured":"Elaine Venson, Reem Alfayez, Mar\u00edlia M. F. Gomes, Rejane M. C. Figueiredo, and Barry Boehm. 2019. The Impact of Software Security Practices on Development Effort: An Initial Survey. In ACM\/IEEE International Symposium ESEM."},{"key":"e_1_3_2_1_61_1","unstructured":"Giovanni Vigna Kevin Borgolte Jacopo Corbetta Adam Doup\u00e9 Yanick Fratantonio Luca Invernizzi Dhilung Kirat and Yan Shoshitaishvili. 2014. Ten Years of iCTF: The Good The Bad and The Ugly. In USENIX Summit on Gaming Games and Gamification in Security Education (3GSE)."},{"key":"e_1_3_2_1_62_1","volume-title":"Fix It. In USENIX Security Symposium.","author":"Votipka Daniel","year":"2020","unstructured":"Daniel Votipka, Kelsey R Fulton, James Parker, Matthew Hou, Michelle L Mazurek, and Michael Hicks. 2020. Understanding security mistakes developers make: Qualitative analysis from Build It, Break It, Fix It. In USENIX Security Symposium."},{"key":"e_1_3_2_1_63_1","volume-title":"Benefits and Pitfalls of Using Capture the Flag Games in University Courses. In ACM Technical Symposium on Computer Science Education. 752-758","author":"Vykopal Jan","year":"2020","unstructured":"Jan Vykopal, Valdemar \u0160v\u00e1bensk\u1ef3, and Ee-Chien Chang. 2020. Benefits and Pitfalls of Using Capture the Flag Games in University Courses. In ACM Technical Symposium on Computer Science Education. 752-758."},{"key":"e_1_3_2_1_64_1","volume-title":"InsectACIDE: Debugger-Based Holistic Asynchronous CFI for Embedded Systems. In IEEE Real-Time and Embedded Technology and Applications Symposium (RTAS).","author":"Wang Yujie","year":"2024","unstructured":"Yujie Wang, C Mack, Xi Tan, Ning Zhang, Ziming Zhao, Sanjoy Baruah, and B Ward. 2024. InsectACIDE: Debugger-Based Holistic Asynchronous CFI for Embedded Systems. In IEEE Real-Time and Embedded Technology and Applications Symposium (RTAS)."},{"key":"e_1_3_2_1_65_1","volume-title":"FirmXRay: Detecting Bluetooth Link Layer Vulnerabilities From Bare-Metal Firmware. In ACM SIGSAC Conference on Computer and Communications Security (CCS).","author":"Wen Haohuang","year":"2020","unstructured":"Haohuang Wen, Zhiqiang Lin, and Yinqian Zhang. 2020. FirmXRay: Detecting Bluetooth Link Layer Vulnerabilities From Bare-Metal Firmware. In ACM SIGSAC Conference on Computer and Communications Security (CCS)."},{"key":"e_1_3_2_1_66_1","volume-title":"Silent Bugs Matter: A Study of Compiler-Introduced Security Bugs. In USENIX Security Symposium.","author":"Xu Jianhao","year":"2023","unstructured":"Jianhao Xu, Kangjie Lu, Zhengjie Du, Zhu Ding, Linke Li, Qiushi Wu, Mathias Payer, and Bing Mao. 2023. Silent Bugs Matter: A Study of Compiler-Introduced Security Bugs. In USENIX Security Symposium."},{"key":"e_1_3_2_1_67_1","volume-title":"Silhouette: Efficient Protected Shadow Stacks for Embedded Systems. In USENIX Security Symposium.","author":"Zhou Jie","year":"2020","unstructured":"Jie Zhou, Yufei Du, Zhuojia Shen, Lele Ma, John Criswell, and Robert J Walls. 2020. Silhouette: Efficient Protected Shadow Stacks for Embedded Systems. In USENIX Security Symposium."}],"event":{"name":"CCS '25: ACM SIGSAC Conference on Computer and Communications Security","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"],"location":"Taipei Taiwan","acronym":"CCS '25"},"container-title":["Proceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3719027.3765039","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3719027.3765039","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,12,22]],"date-time":"2025-12-22T22:28:49Z","timestamp":1766442529000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3719027.3765039"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,11,19]]},"references-count":67,"alternative-id":["10.1145\/3719027.3765039","10.1145\/3719027"],"URL":"https:\/\/doi.org\/10.1145\/3719027.3765039","relation":{},"subject":[],"published":{"date-parts":[[2025,11,19]]},"assertion":[{"value":"2025-11-22","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}