Building Trustworthy Systems: Run Time Validation of Program Executions

PI: Kanad Ghose

The construction of trustworthy systems demands that the execution of every piece of code is validated as genuine, that is, that the executed code does exactly what it is supposed to do. Most systems enforce this requirement only before execution, by matching a cryptographic hash of the binary file against a reference hash value. This leaves the code vulnerable to run-time compromises such as code injection, return- and jump-oriented programming, and illegal linking of the code to compromised library functions. In this project, we investigate a variety of software techniques for validating the execution of a program, including the use of random interrogations to validate execution signatures and the use of the branch path tracing support already present in modern microprocessors, specifically the Intel server architectures. The techniques being investigated can validate not only the execution of applications but also the execution of OS code and libraries. As a peripheral project, we are also investigating the use of modest hardware support in contemporary microprocessors to dramatically reduce the overhead of continuous run-time validation of executions.
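As an added illustration, not code from this project, the following Python sketch shows the branch-trace side of the idea: a decoded branch trace is checked against a static whitelist of direct control-flow edges, a set of legitimate function entry points for indirect transfers, and a shadow stack for returns, so that a run whose binary hashes correctly at load time but is diverted at run time still fails validation. All addresses, the policy tables and both traces are constructed for the example; a real validator would derive the tables from the binary's control-flow graph and feed it decoded hardware trace records.

```python
from dataclasses import dataclass
from typing import List, Tuple
# Constructed whitelist for a toy program (hypothetical addresses); a real validator
# would derive these tables from the binary's control-flow graph.
ALLOWED_DIRECT = {          # (source, destination) of legitimate direct branches
    (0x1004, 0x1020),       # main: call helper
    (0x1028, 0x1020),       # helper: loop back-edge
    (0x1010, 0x2000),       # main: call a library function at its entry point
}
FUNCTION_ENTRIES = {0x1000, 0x1020, 0x2000}  # the only legal indirect-call/jump targets

@dataclass(frozen=True)
class Branch:
    kind: str             # 'call', 'icall', 'jmp', 'ijmp' or 'ret'
    src: int              # address of the branch instruction
    dst: int              # address control was transferred to
    fallthrough: int = 0  # for calls: address of the next instruction (the return site)

def validate_trace(trace: List[Branch]) -> List[Tuple[int, str]]:
    """Check a decoded branch trace against the policy; return (index, reason) pairs."""
    violations = []
    shadow_stack: List[int] = []  # return addresses expected from the calls seen so far
    for i, b in enumerate(trace):
        if b.kind in ('call', 'jmp') and (b.src, b.dst) not in ALLOWED_DIRECT:
            violations.append((i, f"direct {b.kind} {b.src:#x}->{b.dst:#x} not in CFG"))
        elif b.kind in ('icall', 'ijmp') and b.dst not in FUNCTION_ENTRIES:
            violations.append((i, f"indirect {b.kind} to non-entry address {b.dst:#x}"))
        elif b.kind == 'ret':
            expected = shadow_stack.pop() if shadow_stack else None
            if expected != b.dst:
                want = f"{expected:#x}" if expected is not None else "nothing (empty shadow stack)"
                violations.append((i, f"ret to {b.dst:#x}, shadow stack expected {want}"))
        if b.kind in ('call', 'icall'):
            shadow_stack.append(b.fallthrough)
    return violations

# Constructed traces. The on-disk binary, and hence its load-time hash, is identical in
# both runs; only the observed control flow differs, which a hash check cannot see.
BENIGN_TRACE = [
    Branch('call', 0x1004, 0x1020, fallthrough=0x1009),
    Branch('jmp',  0x1028, 0x1020),
    Branch('ret',  0x1030, 0x1009),
    Branch('call', 0x1010, 0x2000, fallthrough=0x1015),
    Branch('ret',  0x2010, 0x1015),
]
# Same prefix, then a return that lands mid-function and an indirect jump into the
# middle of a library function: the mismatches that ROP/JOP-style diversions produce.
TAMPERED_TRACE = BENIGN_TRACE[:4] + [
    Branch('ret',  0x2010, 0x2007),
    Branch('ijmp', 0x200c, 0x2022),
]
```

Running `validate_trace` on the two traces returns no violations for the benign run and flags records 4 and 5 of the tampered one.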