HPCCFA: Leveraging Hardware Performance Counters for Control Flow Attestation
arXiv:2603.29749v1 Announce Type: new Abstract: Trusted Execution Environments (TEEs) allow the secure execution of code on remote systems without the need to trust their operators. They use static attestation as a central mechanism for establishing trust, allowing remote parties to verify that their code is executed unmodified in an isolated environment. However, this form of attestation does not cover runtime attacks, where an attacker exploits vulnerabilities in the software inside the TEE. Control Flow Attestation (CFA), a form of runtime attestation, is designed to detect such attacks. In this work, we present a method to extend TEEs with CFA and discuss how it can prevent exploitation in the event of detected control flow violations. Furthermore, we introduce HPCCFA, a mechanism that
View PDF HTML (experimental)
Abstract:Trusted Execution Environments (TEEs) allow the secure execution of code on remote systems without the need to trust their operators. They use static attestation as a central mechanism for establishing trust, allowing remote parties to verify that their code is executed unmodified in an isolated environment. However, this form of attestation does not cover runtime attacks, where an attacker exploits vulnerabilities in the software inside the TEE. Control Flow Attestation (CFA), a form of runtime attestation, is designed to detect such attacks. In this work, we present a method to extend TEEs with CFA and discuss how it can prevent exploitation in the event of detected control flow violations. Furthermore, we introduce HPCCFA, a mechanism that uses HPCs for CFA purposes, enabling hardware-backed trace generation on commodity CPUs. We demonstrate the feasibility of HPCCFA on a proof-of-concept implementation for Keystone on RISC-V. Our evaluation investigates the interplay of the number of measurement points and runtime protection, and reveals a trade-off between detection reliability and performance overhead.
Subjects:
Cryptography and Security (cs.CR)
Cite as: arXiv:2603.29749 [cs.CR]
(or arXiv:2603.29749v1 [cs.CR] for this version)
https://doi.org/10.48550/arXiv.2603.29749
arXiv-issued DOI via DataCite (pending registration)
Submission history
From: Claudius Pott [view email] [v1] Tue, 31 Mar 2026 13:51:30 UTC (439 KB)
Sign in to highlight and annotate this article
Conversation starters
Daily AI Digest
Get the top 5 AI stories delivered to your inbox every morning.
More about
announcevaluationarxiv
Gill Pratt Says Humanoid Robots’ Moment Is Finally Here
In 2012, the U.S. Defense Advanced Research Projects Agency announced the DARPA Robotics Challenge (DRC). The multi-year, multi-million-dollar competition for disaster robotics resulted in Boston Dynamics’ Atlas , some absolutely incredible moments from one of the very first generations of useful humanoid robots, and a blooper video that will live on forever. Gill Pratt , the architect of the competition, had a very clear understanding of what the DRC was going to do for robotics. “The reason [for the DARPA Robotics Challenge] is actually to push the field forward and make this capability a reality,” Pratt told IEEE Spectrum in 2012 . At the time, he pointed out that before the DARPA Grand Challenge in 2004 and the DARPA Urban Challenge in 2007, driverless cars for complex environments ess
The Algorithmic Edge: Launching Your Day Trading Journey with AI Sentiment and Next-Gen Charting
The Modern Trader's Toolkit: From Automated Signals to Market Sentiment AI The landscape of retail trading has undergone a seismic shift in the last five years. Where once a Bloomberg Terminal, a broker's phone line, and gut instinct were the primary tools, today's trader navigates a digital ecosystem powered by artificial intelligence, real-time analytics, and democratized data. For aspiring and established traders alike, the challenge is no longer accessing information, but intelligently filtering the signal from the noise. This evolution has given rise to sophisticated AI trading signals , comprehensive educational resources like a day trading guide for beginners , and powerful analytics platforms that go beyond traditional charting. Understanding these tools—and how they integrate—is n
In-Silico Perturbation Meets Single-Cell Foundation Models: From Zero-Shot Potential to Fine-Tuned…
In-Silico Perturbation Meets Single-Cell Foundation Models: From Zero-Shot Potential to Fine-Tuned Signal Editor’s note: Xiong Liu, Director of Data Science and AI at Novartis, will speak at ODSC AI East 2026 this April 28th-30th. Check out his talk, “ Evaluating Foundation Models for in-silico Target Discovery ,” there! In-silico perturbation (ISP) aims to simulate how cells shift state under an intervention, such as a genetic or chemical manipulation. Single-cell foundation models (scFMs) like Geneformer and scGPT make this goal especially compelling. Pretrained on massive single-cell atlases, they learn embeddings that can be applied to downstream tasks with relatively little additional modeling. However, a gap remains between the technical possibility of ISP and its biological trustwor
Knowledge Map
Connected Articles — Knowledge Graph
This article is connected to other articles through shared AI topics and tags.
More in Releases
In the Presence of the Minister of Energy, Cisco and King Abdullah University of Science and Technology (KAUST) launch landmark AI Institute to accelerate AI research, development, and talent in Saudi Arabia - Cisco Newsroom
In the Presence of the Minister of Energy, Cisco and King Abdullah University of Science and Technology (KAUST) launch landmark AI Institute to accelerate AI research, development, and talent in Saudi Arabia Cisco Newsroom
Gemma 4 1B, 13B, and 27B spotted
[Gemma 4](INSET_PAPER_LINK) is a multimodal model with pretrained and instruction-tuned variants, available in 1B, 13B, and 27B parameters. The architecture is mostly the same as the previous Gemma versions. The key differences are a vision processor that can output images of fixed token budget and a spatial 2D RoPE to encode vision-specific information across height and width axis. You can find all the original Gemma 4 checkpoints under the [Gemma 4]( https://huggingface.co/collections/google/gemma-4-release-67c6c6f89c4f76621268bb6d ) release. submitted by /u/TKGaming_11 [link] [comments]
Discussion
Sign in to join the discussion
No comments yet — be the first to share your thoughts!