{"id":"https://openalex.org/W3202481135","doi":"https://doi.org/10.1145/3461673","title":"SCALPEL: Exploring the Limits of Tag-enforced Compartmentalization","display_name":"SCALPEL: Exploring the Limits of Tag-enforced Compartmentalization","publication_year":2021,"publication_date":"2021-09-29","ids":{"openalex":"https://openalex.org/W3202481135","doi":"https://doi.org/10.1145/3461673","mag":"3202481135"},"language":"en","primary_location":{"id":"doi:10.1145/3461673","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3461673","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3461673","source":{"id":"https://openalex.org/S96198239","display_name":"ACM Journal on Emerging Technologies in Computing Systems","issn_l":"1550-4832","issn":["1550-4832","1550-4840"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ACM Journal on Emerging Technologies in Computing Systems","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"bronze","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3461673","any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5037846070","display_name":"Nick Roessler","orcid":"https://orcid.org/0000-0002-9298-8444"},"institutions":[{"id":"https://openalex.org/I79576946","display_name":"University of Pennsylvania","ror":"https://ror.org/00b30xv10","country_code":"US","type":"education","lineage":["https://openalex.org/I79576946"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Nick Roessler","raw_affiliation_strings":["University of Pennsylvania, Philadelphia, PA, USA"],"raw_orcid":"https://orcid.org/0000-0002-9298-8444","affiliations":[{"raw_affiliation_string":"University of Pennsylvania, Philadelphia, PA, USA","institution_ids":["https://openalex.org/I79576946"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5087585086","display_name":"Andr\u00e9 DeHon","orcid":"https://orcid.org/0000-0001-9177-7699"},"institutions":[{"id":"https://openalex.org/I79576946","display_name":"University of Pennsylvania","ror":"https://ror.org/00b30xv10","country_code":"US","type":"education","lineage":["https://openalex.org/I79576946"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Andr\u00e9 DeHon","raw_affiliation_strings":["University of Pennsylvania, Philadelphia, PA, USA"],"raw_orcid":"https://orcid.org/0000-0001-9177-7699","affiliations":[{"raw_affiliation_string":"University of Pennsylvania, Philadelphia, PA, USA","institution_ids":["https://openalex.org/I79576946"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5037846070"],"corresponding_institution_ids":["https://openalex.org/I79576946"],"apc_list":null,"apc_paid":null,"fwci":0.14,"has_fulltext":true,"cited_by_count":3,"citation_normalized_percentile":{"value":0.56617375,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":98},"biblio":{"volume":"18","issue":"1","first_page":"1","last_page":"28"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10054","display_name":"Parallel Computing and Optimization Techniques","score":0.9922000169754028,"subfield":{"id":"https://openalex.org/subfields/1708","display_name":"Hardware and Architecture"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11005","display_name":"Radiation Effects in Electronics","score":0.9898999929428101,"subfield":{"id":"https://openalex.org/subfields/2208","display_name":"Electrical and Electronic Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/compartmentalization","display_name":"Compartmentalization (fire protection)","score":0.7167943120002747},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6716020107269287},{"id":"https://openalex.org/keywords/overhead","display_name":"Overhead (engineering)","score":0.5544777512550354},{"id":"https://openalex.org/keywords/container","display_name":"Container (type theory)","score":0.5480818152427673},{"id":"https://openalex.org/keywords/cache","display_name":"Cache","score":0.5107357501983643},{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.45655718445777893},{"id":"https://openalex.org/keywords/embedded-system","display_name":"Embedded system","score":0.4251364469528198},{"id":"https://openalex.org/keywords/distributed-computing","display_name":"Distributed computing","score":0.36622774600982666},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.318214476108551},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.18020063638687134},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.13875827193260193}],"concepts":[{"id":"https://openalex.org/C110455231","wikidata":"https://www.wikidata.org/wiki/Q897788","display_name":"Compartmentalization (fire protection)","level":3,"score":0.7167943120002747},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6716020107269287},{"id":"https://openalex.org/C2779960059","wikidata":"https://www.wikidata.org/wiki/Q7113681","display_name":"Overhead (engineering)","level":2,"score":0.5544777512550354},{"id":"https://openalex.org/C2781018962","wikidata":"https://www.wikidata.org/wiki/Q5164884","display_name":"Container (type theory)","level":2,"score":0.5480818152427673},{"id":"https://openalex.org/C115537543","wikidata":"https://www.wikidata.org/wiki/Q165596","display_name":"Cache","level":2,"score":0.5107357501983643},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.45655718445777893},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.4251364469528198},{"id":"https://openalex.org/C120314980","wikidata":"https://www.wikidata.org/wiki/Q180634","display_name":"Distributed computing","level":1,"score":0.36622774600982666},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.318214476108551},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.18020063638687134},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.13875827193260193},{"id":"https://openalex.org/C55493867","wikidata":"https://www.wikidata.org/wiki/Q7094","display_name":"Biochemistry","level":1,"score":0.0},{"id":"https://openalex.org/C78519656","wikidata":"https://www.wikidata.org/wiki/Q101333","display_name":"Mechanical engineering","level":1,"score":0.0},{"id":"https://openalex.org/C181199279","wikidata":"https://www.wikidata.org/wiki/Q8047","display_name":"Enzyme","level":2,"score":0.0},{"id":"https://openalex.org/C185592680","wikidata":"https://www.wikidata.org/wiki/Q2329","display_name":"Chemistry","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3461673","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3461673","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3461673","source":{"id":"https://openalex.org/S96198239","display_name":"ACM Journal on Emerging Technologies in Computing Systems","issn_l":"1550-4832","issn":["1550-4832","1550-4840"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ACM Journal on Emerging Technologies in Computing Systems","raw_type":"journal-article"}],"best_oa_location":{"id":"doi:10.1145/3461673","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3461673","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3461673","source":{"id":"https://openalex.org/S96198239","display_name":"ACM Journal on Emerging Technologies in Computing Systems","issn_l":"1550-4832","issn":["1550-4832","1550-4840"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ACM Journal on Emerging Technologies in Computing Systems","raw_type":"journal-article"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","score":0.75,"display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[{"id":"https://openalex.org/F4320332180","display_name":"Defense Advanced Research Projects Agency","ror":"https://ror.org/02caytj08"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W3202481135.pdf","grobid_xml":"https://content.openalex.org/works/W3202481135.grobid-xml"},"referenced_works_count":30,"referenced_works":["https://openalex.org/W136211262","https://openalex.org/W1983716141","https://openalex.org/W1986465830","https://openalex.org/W2018983843","https://openalex.org/W2056073317","https://openalex.org/W2060475972","https://openalex.org/W2065076704","https://openalex.org/W2080251468","https://openalex.org/W2086959852","https://openalex.org/W2095881341","https://openalex.org/W2117590013","https://openalex.org/W2139588056","https://openalex.org/W2150120520","https://openalex.org/W2171482413","https://openalex.org/W2310426546","https://openalex.org/W2528661589","https://openalex.org/W2534917055","https://openalex.org/W2607362719","https://openalex.org/W2610782608","https://openalex.org/W2622648307","https://openalex.org/W2794073659","https://openalex.org/W2795239434","https://openalex.org/W2969920946","https://openalex.org/W2988741178","https://openalex.org/W3150368109","https://openalex.org/W3150696551","https://openalex.org/W4205353076","https://openalex.org/W4235021791","https://openalex.org/W4249114917","https://openalex.org/W4250371892"],"related_works":["https://openalex.org/W17155033","https://openalex.org/W3207760230","https://openalex.org/W1496222301","https://openalex.org/W1590307681","https://openalex.org/W2536018345","https://openalex.org/W4312814274","https://openalex.org/W4285370786","https://openalex.org/W2296488620","https://openalex.org/W2358353312","https://openalex.org/W2081416538"],"abstract_inverted_index":{"We":[0,154],"present":[1],"Secure":[2],"Compartments":[3],"Automatically":[4],"Learned":[5],"and":[6,21,50,113,161],"Protected":[7],"by":[8,176],"Execution":[9],"using":[10,47],"Lightweight":[11],"metadata":[12],"(SCALPEL),":[13],"a":[14,25,33,51,117,138,158,163],"tool":[15],"for":[16,28,90,100,108],"automatically":[17,67],"deriving":[18],"compartmentalization":[19,71,131],"policies":[20,102,172],"lowering":[22],"them":[23],"to":[24,35,58,124,148],"tagged":[26],"architecture":[27,57],"hardware-accelerated":[29],"enforcement.":[30],"SCALPEL":[31,66,85,136,156],"allows":[32,122],"designer":[34],"explore":[36],"high-quality":[37],"points":[38],"in":[39],"the":[40,55,63,74,95,114,126],"privilege-reduction":[41],"vs.":[42],"performance":[43],"overhead":[44],"tradeoff":[45,76],"space":[46],"analysis":[48],"tools":[49],"detailed":[52],"knowledge":[53],"of":[54,62,70,106,130,178,182],"target":[56,162],"make":[59],"best":[60],"use":[61],"available":[64],"hardware.":[65],"implements":[68],"hundreds":[69,181],"strategies":[72],"across":[73],"privilege-performance":[75],"space,":[77],"all":[78],"without":[79],"manual":[80],"tagging":[81],"or":[82],"code":[83],"restructuring.":[84],"uses":[86],"two":[87],"novel":[88],"optimizations":[89],"achieving":[91],"highly":[92,127],"performant":[93],"policies:":[94],"first":[96],"is":[97,116,146],"an":[98],"algorithm":[99],"packing":[101],"into":[103],"working":[104],"sets":[105],"rules":[107],"favorable":[109],"rule":[110,118],"cache":[111],"characteristics,":[112],"second":[115],"prefetching":[119],"system":[120],"that":[121,145,170],"it":[123],"exploit":[125],"predictable":[128],"nature":[129],"rules.":[132],"To":[133],"create":[134],"policies,":[135],"introduces":[137],"quantitative":[139],"privilege":[140],"metric":[141],"(the":[142],"Overprivilege":[143],"Ratio)":[144],"used":[147],"drive":[149],"its":[150],"algorithmic":[151],"compartment":[152],"generation.":[153],"implement":[155],"on":[157],"FreeRTOS":[159],"stack":[160],"tag-extended":[164],"RISC-V":[165],"core.":[166],"Our":[167],"results":[168],"show":[169],"SCALPEL-created":[171],"can":[173],"reduce":[174],"overprivilege":[175],"orders":[177],"magnitude":[179],"with":[180],"logical":[183],"compartments":[184],"while":[185],"imposing":[186],"low":[187],"overheads":[188],"(&lt;5%).":[189]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":1},{"year":2024,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}