FRAMER/Miu: Tagged Pointer-based Capability and Fundamental Cost of Memory Safety & Coherence (Position Paper)

TL;DR

This position paper discusses a tagged pointer-based capability system called FRAMER/Miu, aiming to balance system correctness and performance costs, and proposes future hardware and software integration for memory safety and coherence.

Contribution

It introduces a novel tagged pointer-based capability framework and outlines plans for its development as a software and hardware solution for memory safety.

Findings

Proposes a capability system balancing correctness and performance.

Outlines a prototype for future hardware design.

Plans for extending FRAMER/Miu framework.

Abstract

Ensuring system correctness, such as memory safety, can eliminate security vulnerabilities that attackers could exploit in the first place. However, high and unpredictable performance degradation remains a primary challenge. Recognizing that it is extremely difficult to achieve complete system correctness for production deployment, researchers make trade-offs between performance, detection coverage, interoperability, precision, and detection timing. This research strikes a balance between comprehensive system protection and the costs required to obtain it, identifies the desirable roles of software and hardware, and presents a tagged pointer-based capability system as a stand-alone software solution and a prototype for future hardware design. This paper presents follow-up plans for the FRAMER/Miu generic framework to achieve these goals.