In October, COMSEC presented HybriDIFT at ICCAD 2024 and muCFI at CCS 2024.
HybriDIFT shows how to scale hardware dynamic IFT to large memories by specially treating implicit flows in the design. HybriDIFT is the first dynamic IFT solution that can scale to a serious RISC-V core such as OpenC910.
muCFI introduces a new security property that ensures that the instruction operands do not influence cycle-accurate valuations of the program counters. muCFI captures both data-dependent instruction timings (i.e., violating the constant-time principle) as well as (micro)architectural vulnerabilities that enable an attacker to hijack the program counter. We used muCFI to verify a number of open-source RISC-V cores and found a number of serious security vulnerabilities.