Hybrid hardware-software method to enhance computer memory safety
This technology is a simple, low-overhead hardware-software framework for debugging and protecting against memory-based attacks and errors.
Unmet Need: Simple, fast-operating method of maintaining memory safety without significant hardware modifications
Memory corruption errors are one of the most pervasive problems in computer security. Current methods to address memory safety concerns commonly involve whitelisting safe memory regions or blacklisting unsafe regions, which offer strong security but are limited by slow operation and/or the need for significant hardware modifications.
The Technology: Low-overhead hardware-software system to prevent memory corruption
This technology describes a simple, low-overhead hardware-software system to enhance memory safety. The software infrastructure is based on a tripwire approach in which legitimate memory regions are segregated from bad regions by blacklisting the bad regions. Because this technology lowers the performance overhead significantly compared to the state-of-the-art software and hardware techniques and is simple to add to existing software, it has the potential to allow for rapid testing of memory safety and protection against future memory-based attacks and errors.
This technology minimizes the performance overheads of memory safety to ~1.02x—1.16x, while providing byte-granular protection and maintaining very low hardware overheads.
Applications:
- Enhanced software security
- Debugging software
- Memory blacklist
Advantages:
- Allows for rapid testing
- Requires only simple modifications to an out-of-order core
- Incurs a significantly reduced performance penalty compared to comparable software implementation
- Can complement other software as a debugging aid
Lead Inventor:
Patent Information:
Related Publications:
Tech Ventures Reference:
IR CU18053
Licensing Contact: Greg Maskel