Multi-Tag: A Hardware-Software Co-Design for Memory Safety based on Multi-Granular Memory Tagging

Martin Unterguggenberger*, David Schrammel, Pascal Nasahl, Robert Schilling, Lukas Anton Lamster, Stefan Mangard

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference paperpeer-review


Memory safety vulnerabilities are a severe threat to modern computer systems allowing adversaries to leak or modify security-critical data. To protect systems from this attack vector, full memory safety is required. As software-based countermeasures tend to induce significant runtime overheads, which is not acceptable for production code, hardware assistance is needed. Tagged memory architectures, e.g., already offered by the ARM MTE and SPARC ADI extensions, assign meta-information to memory objects, thus allowing to implement memory safety policies. However, due to the high tag collision probability caused by the small tag sizes, the protection guarantees of these schemes are limited.

This paper presents Multi-Tag, the first hardware-software co-design utilizing a multi-granular tagging structure that provides strong protection against spatial and temporal memory safety violations. By combining object-granular memory tags with page-granular tags stored in the page table entries, Multi-Tag overcomes the limitation of small tag sizes. Introducing page-granular tags significantly enhances the probabilistic protection capabilities of memory tagging without increasing the memory overhead or the system's complexity. We develop a prototype implementation comprising a gem5 model of the tagged architecture, a Linux kernel extension, and an LLVM-based compiler toolchain. The simulated performance overhead for the SPEC CPU2017 and nbench-byte benchmarks highlights the practicability of our design.
Original languageEnglish
Title of host publicationASIA CCS 2023 - Proceedings of the 2023 ACM Asia Conference on Computer and Communications Security
PublisherAssociation of Computing Machinery
Number of pages13
ISBN (Electronic)9798400700989
Publication statusPublished - 10 Jul 2023
Event2023 ACM ASIA Conference on Computer and Communications Security: ASIA CCS 2023 - Melbourne, Australia
Duration: 10 Jul 202314 Jul 2023
Conference number: 2023

Publication series

NameProceedings of the ACM Conference on Computer and Communications Security
ISSN (Print)1543-7221


Conference2023 ACM ASIA Conference on Computer and Communications Security
Abbreviated titleASIA CCS 2023


  • Memory Safety
  • Multi-Granular Tags
  • Tagged Memory Architecture

ASJC Scopus subject areas

  • Software
  • Computer Networks and Communications


Dive into the research topics of 'Multi-Tag: A Hardware-Software Co-Design for Memory Safety based on Multi-Granular Memory Tagging'. Together they form a unique fingerprint.

Cite this