Software Fault Isolation for Robust Compilation
The work addresses a real security problem for developers using unsafe languages such as C, but it appears incremental, since it builds on existing software fault isolation techniques rather than introducing a new isolation mechanism.
The paper tackles memory corruption vulnerabilities in unsafe languages by proposing a robust compilation approach: the compiler guarantees that the security properties of uncompromised components continue to hold even when other components are compromised. The feasibility of the approach is demonstrated on a basic RISC processor, with the required compartmentalization implemented through software fault isolation.
Memory corruption vulnerabilities are endemic to unsafe languages such as C, and they also surface in safe languages whose runtimes are implemented in unsafe languages or that link against libraries written in them. Robust compilation mitigates the threat of linking with memory-unsafe code. The source language is a C-like language enriched with a notion of a component, which encapsulates data and code and exposes functionality only through well-defined interfaces. Robust compilation specifies which security properties a component retains even if one or more of the other components it is linked with are compromised. The main contribution of this work is to demonstrate that the compartmentalization a compiler needs in order to have the robust compilation property can be realized on a basic RISC processor using software fault isolation.
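The page names software fault isolation as the enforcement mechanism but does not spell out what it does. The following is an added illustration, not code from the paper or its authors, of the classic SFI idea that a compiler can realize with a couple of ALU instructions before every store in untrusted code: the address is masked and tagged so that it always resolves inside the issuing compartment's own region, whatever value the (possibly compromised) component computed. The memory layout, the two-compartment split, the region size and the function names (`sfi_mask`, `sfi_store8`, `attack_with_sfi`, ...) are all my own assumptions for the example; the paper's actual instruction sequence and component model are not described on the page.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed layout for the example (assumption, not the paper's): one flat
 * simulated memory split into NUM_REGIONS regions of REGION_SIZE bytes, each
 * region owned by exactly one compartment. Regions are power-of-two sized and
 * aligned so that "which region" is just the high address bits. */
#define REGION_BITS 8u
#define REGION_SIZE (1u << REGION_BITS)
#define NUM_REGIONS 2u

static uint8_t memory[NUM_REGIONS * REGION_SIZE];

/* A compartment is identified by the index of the region it owns. */
typedef struct { uint32_t region; } compartment;

/* Core SFI operation: clear the high bits of the address and OR in the
 * compartment's region tag. Any input address, including an attacker-controlled
 * one, maps to an address inside the compartment's own region. A compiler that
 * emits this before every store in untrusted code confines its memory writes. */
uint32_t sfi_mask(const compartment *c, uint32_t addr) {
    return (addr & (REGION_SIZE - 1u)) | (c->region << REGION_BITS);
}

static void sfi_store8(const compartment *c, uint32_t addr, uint8_t value) {
    memory[sfi_mask(c, addr)] = value;
}

static uint8_t sfi_load8(const compartment *c, uint32_t addr) {
    return memory[sfi_mask(c, addr)];
}

/* Unsandboxed store, standing in for what memory-unsafe code does without SFI:
 * the computed address is used as-is (modulo only so the example stays in bounds). */
static void raw_store8(uint32_t addr, uint8_t value) {
    memory[addr % sizeof memory] = value;
}

/* Region 0 holds a trusted component's state; region 1 belongs to a compromised
 * component whose store address the attacker controls. The attacker aims the
 * write straight at the trusted component's byte at absolute address 0x10. */
#define TRUSTED_FLAG_ADDR 0x10u

static void reset_memory(void) { memset(memory, 0, sizeof memory); }

/* Returns 1 if the trusted byte survives the hostile write issued through the
 * SFI store, and the write was diverted into the hostile region instead. */
int attack_with_sfi(void) {
    compartment trusted = { 0 }, hostile = { 1 };
    reset_memory();
    sfi_store8(&trusted, TRUSTED_FLAG_ADDR, 0x42);  /* trusted initialises its flag  */
    sfi_store8(&hostile, TRUSTED_FLAG_ADDR, 0xFF);  /* hostile targets the same address */
    return sfi_load8(&trusted, TRUSTED_FLAG_ADDR) == 0x42
        && sfi_load8(&hostile, TRUSTED_FLAG_ADDR) == 0xFF;  /* landed at 0x110 */
}

/* Same attack without the mask: returns 1 only if the trusted byte is intact,
 * which it is not, because the raw store overwrites absolute address 0x10. */
int attack_without_sfi(void) {
    compartment trusted = { 0 };
    reset_memory();
    sfi_store8(&trusted, TRUSTED_FLAG_ADDR, 0x42);
    raw_store8(TRUSTED_FLAG_ADDR, 0xFF);
    return sfi_load8(&trusted, TRUSTED_FLAG_ADDR) == 0x42;
}

int main(void) {
    printf("with SFI, trusted data intact:    %d\n", attack_with_sfi());
    printf("without SFI, trusted data intact: %d\n", attack_without_sfi());
    return 0;
}
```

The masking step is what makes the guarantee independent of the compromised component's behaviour: it does not matter how the hostile code computed `0x10`, or that it holds a dangling or forged pointer, because the two ALU operations rewrite the address before it reaches memory. Loads and indirect jumps need the same treatment in a full scheme, and the compiler has to ensure the masked address cannot be clobbered between the mask and the use; the example only shows the store path.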