Formal Methods and Software Engineering

Volume 3785 of the series Lecture Notes in Computer Science pp 111-124

A Theory of Secure Control Flow

  • Martín AbadiAffiliated withComputer Science Department, University of California
  • , Mihai BudiuAffiliated withMicrosoft Research
  • , Úlfar ErlingssonAffiliated withMicrosoft Research
  • , Jay LigattiAffiliated withComputer Science Department, Princeton University

* Final gross prices may vary according to local VAT.

Get Access


Control-Flow Integrity (CFI) means that the execution of a program dynamically follows only certain paths, in accordance with a static policy. CFI can prevent attacks that, by exploiting buffer overflows and other vulnerabilities, attempt to control program behavior. This paper develops the basic theory that underlies two practical techniques for CFI enforcement, with precise formulations of hypotheses and guarantees.