Title	
Exploring the Memory Safety Design Space

Authors
Michael	Engel	michael.engel@uni-bamberg.de	Germany	University of Bamberg	https://multicores.org

Abstract
Bugs in memory allocation have been termed a "billion-dollar mistake" by Tony Hoare and as of 2016, Microsoft attributed nearly 70% of CVEs in their software to memory safety issues.

Accordingly, a number of hardware and software approaches have been developed or rediscovered that attempt to mitigate bugs in memory management. On the software side, well-known examples include the Rust and Zig programming languages, whereas on the hardware side, capabilities were rediscovered and alternative techniques such as pointer authentication or memory tagging extensions were introduced.

All these approaches serve different purposes, such as protection against bugs for program stability vs. protection against attacks, and have varying assurance guarantees, e.g. strict vs. probabilistic protection. Accordingly, these approaches come with different functional as well as non-functional requirements. This, in turn, makes it a complex task to select an appropriate approach or combination of technologies for a given task.

In this talk, we explore this complex design space of current mitigation approaches and their properties with a special focus on ways to combine different approaches, especially in the context of hardware-software codesign approaches.