Spectre attack prevention added to GrammaTech’s Cyber Hardening Services
The solution protects legacy programs from branch target injection without the need to recompile the code. The need for a solution has become urgent for security professionals that fear their systems will be vulnerable to Spectre attacks, which can be vectored to gain access to confidential information. Many companies have rushed to code patches for popular compilers to secure systems from Spectre, but many industries don’t have the luxury of being able to recompile application or source code. Systems, such as those found in IoT, defence, medical or industrial applications can therefore remain vulnerable.
GrammaTech’s Cyber Hardening Services now allow for the protection of critical applications and libraries from Spectre without recompiling. The service performs binary analysis to look for vulnerable areas of code and then adds mitigation code to those locations. The mitigation code follows the ‘retpolines’ approach published by Google.
More information
Related news
GrammaTech (“CodeSonar”) joins in DARPA system-security research
Code analysis tool yields metric on project security risk level
Infineon and Escrypt work to secure on-board communication
“Safe for the Future” panel discussion returns to Embedded Worldwide