Processors

Adapting Software Fault Isolation to Contemporary CPU Architectures

Download Now Free registration required

Executive Summary

Software Fault Isolation (SFI) is an effective approach to sandboxing binary code of questionable provenance, an interesting use case for native plugins in a Web browser. The authors present software fault isolation schemes for ARM and x86-64 that provide control-flow and memory integrity with average performance overhead of under 5% on ARM and 7% on x86-64. They believe these are the best known SFI implementations for these architectures, with significantly lower overhead than previous systems for similar architectures.

  • Format: PDF
  • Size: 142.5 KB