The need for adaptability in a rapidly expanding embedded systems market makes it important to design virtual execution environments (VEEs) specifically targeting embedded platforms. We believe the first step in this direction should be to replace the performance focus of traditional VEE design with a combined memory and performance focus, given the memory constraints on embedded systems. In this work, we present techniques that reduce the large code cache sizes of VEEs by continually eliminating dead cached code as the guest application executes. We use both a time-based heuristic and an execution count-based heuristic to predict code lifetime. When we determine that the lifetime of code has ended, we remove it from the code cache. We found that at least 20 % code cache reduction can be achieved on average, without a significant performance degradation. 1.

Dynamic binary translators (DBTs) provide powerful platforms for building dynamic program monitoring and adaptation tools. DBTs, however, have high memory demands because they cache translated code and auxiliary code to a software code cache and must also maintain data structures to support the code cache. The high memory demands make it difficult for memory-constrained embedded systems to take advantage of DBT-based tools. Previous research on DBT memory management focused on the translated code and auxiliary code only. However, we found that data structures are comparable to the code cache in size. We show that the translated code size, auxiliary code size and the data structure size interact in a complex manner, depending on the path selection (trace selection and link formation) strategy. Therefore, holistic memory efficiency (comprising translated code, auxiliary code and data structures)

Commodity applications can pose a serious threat to users’ confidential information when they do not have sufficient security features or are configured improperly. This problem is difficult due to the unavailability of these applications’ source code, which renders the techniques such as compiler-level security enhancement hard to apply. Existing solutions rely on either system-call level control, which is often too coarse-grained, or instruction-level dataflow tracking, which is too expensive to operate online. In this paper, we present a new solution called Leapfrog which retrofits binary executables with mandatory dataflow control. Our technique enables a “patched” application to perform fine-grained dataflow control at a performance penalty which in many cases can be neglected. This is achieved through a novel technique that tracks sensitive data flows only at a small set of program locations: each location uses the program’s internal state and pre-computed conditions to predict the path the data flows will go through and the next location they will reach. As a result, the sensitive data can be followed until they are to be sent out to the Internet, where they are controlled according to security policies. Such dataflow tracking and control is supported by an offline analysis which identifies the execution paths for processing sensitive data and the conditions for the data to propagate along these paths. We further mitigate the coverage concern of this analysis through enforcing a security policy that disallows highly sensitive data to be processed by unknown execution paths without disrupting a program’s operations. Leapfrog works on multithreaded applications and can attach code to an application without functionally altering its executable files. Our evaluations show that our technique effectively protects sensitive information in misconfigured applications and those with security flaws, and also incurs a small runtime overhead.