公开(公告)号：US10650147B2

公开(公告)日：2020-05-12

申请号：US15190724

申请日：2016-06-23

Applicant: NXP B.V.

Inventor： Peter Maria Franciscus Rombouts ,  Eric Vos

IPC: G06F21/56 ,  G06F21/52

Abstract: A control flow enforcement solution for ensuring that a program or portion thereof behaves as expected during execution upon a processor. A reference control flow is pre-determined for the program using, for example, a control flow graph (CFG). The CFG is then analysed to provide a set of rules which describe how the program should behave under normal execution. As the program executes it is monitored and the rules are evaluated to enable detection of any unexpected control flow. An embodiment of this disclosure is configured to respond upon detection that a rule has been violated. The response can take the form of any appropriate intervention such as a processor interrupt, memory fault, processor reset or generation of an alert. In this way, an embodiment of this disclosure may provide a particularly effective mechanism for detecting and defending against malicious activities such as return oriented programming attacks. The invention can be utilised to effect with any program but may be particularly suited for use with programs executing upon embedded processors.