An Empirical Study on the Characteristics of Program Control Flow Data

Abstract: Program control flow described in the program dictates its behavior. To have the software behavior dependable and trustworthy, it is critical to secure the program control flow data. Software faults and attacks cause unwanted control flow transfers in program execution via compromised control flow data. However, there are surprisingly little studies on the characteristics of program control flow data. To represent a program control flow, one needs information on the source and the destination, preferably also the path to reach the source, of each control transfer instance. Since they together represent each control transfer instance uniquely, it can be considered a program behavior signature. This paper reports how many unique sources and destinations there are in the execution profiles. The profiled execution traces show that the number of unique control flow transfer instances are surprisingly low, which suggest that confining the program control flow within the set of the unique control flow transfers are feasible in practice. With the control flow confinement, software behavior would be within the expected scope, avoiding unexpected mis-behavior, which leads to more dependable and secure environment for IoT (Internet of Things) and CPS (Cyber Physical System).