SoK: Runtime Integrity

This paper provides a systematic exploration of runtime integrity mechanisms, such as Control Flow Integrity (CFI) and Control Flow Attestation (CFA). It examines their differences and relationships while addressing crucial questions about the goals, assumptions, features, and design spaces. It includes examining a potential coexistence of CFI and CFA on the same platform. Through a comprehensive review of existing defenses, this paper positions CFI and CFA within the broader landscape of runtime defenses, critically evaluating their strengths, limitations, and trade-offs. The findings emphasize the importance of further research to bridge the gaps between CFI and CFA, advancing the field of runtime defenses.