RunSafe Security

continuous delivery of runtime-protected code

Many of today’s most damaging cyber attacks exploit memory corruption vulnerabilities (e.g. heap overflow, stack overflow), which persist even with code scanning.

RunSafe Security’s Alkemist is a suite of software tools that apply memory protections directly into code, enabling that code to protect itself from memory corruption vulnerabilities without altering the functionality of the code.

Alkemist provides run-time protection to a wide range of systems without changing original functionality. Alkemist reduces attack surfaces and improves Cyber Supply Chain Risk Management (C-SCRM). Target software includes inhouse developed, COTS, GOTS, and open source running on IT enterprise equipment, OT and IoT devices, and specialized embedded systems. Alkemist protected software components are immunized against memory corruption attacks, including zero-days. Alkemist disrupts memory exploitation by varying the attack surface (the layout of your code).

Alkemist products seamlessly integrate protections into your software development life cycle at build or deploy time. With Alkemist, you have two options: Alkemist:Source and Alkemist:Repo.

Alkemist: Source

Alkemist:Source randomizes the memory address for each function, making reliable exploitation nearly impossible for an attacker. Alkemist:Source uses a proprietary technique called Load-time Function Randomization (LFR).

Alkemist:Source features

Low Overhead

Alkemist:Source has an imperceptible effect on program initialization and runtime performance. When using the SPEC CPU2006 test suite, Alkemist:Source adds less than a 1% overhead to most of the benchmark running times. This percentage drops even lower when Alkemist:Source is applied to long-running services/daemons.

Load-time Randomization

Binaries built with Alkemist:Source are randomized when loaded into main memory. This means that protected programs can be distributed just like traditional programs and can use the same checksum and signature tools too.

Easy to Use

No changes to build tools or processes are required. In most cases, using Alkemist:Source is as easy as prepending our helper script to the beginning of your build command.

How Alkemist Works

Memory layouts have evolved a lot over time, but there are still fundamental problems that have plagued them all. On the left is the memory layout representative of a program built in the late 90s. Each time a program was executed, or library loaded, the memory addresses of each program were the same. In the early 2000s most OSes began adopting Address Space Layout Randomization (ASLR) to help prevent attackers from always knowing where . ASLR randomizes the base address of a program each time it is executed, but has an inherent weakness in that the whole program is moved as one unit. Introduction of ASLR made exploitation of memory corruption vulnerabilities more difficult, but ASLR can be defeated easily by one information leak. Alkemist:Source improves upon the ASLR concept by randomizing each function within a program. An important aspect of Alkemist:Source is that while functions move around in memory, the functionality of the program stays identical. One way to assess functionality is to look at the call graph of a program. Let’s consider a simple program with five functions with a call graph shown in the left of the figure below. The call graph would read: Function 1 calls Function 3, Function 3 calls Function 2, Function 2 calls Function 4, and Function 4 calls Function 5. For simplicity’s sake, consider all functions to be contiguous in memory in the order shown in the figure. On the right is the same program, with the same five functions, after the program is executed and Alkemist:Source randomizes the functions in memory. You will see that while the functions are not in the same location, the call graph is the same. By building Alkemist:Source into your software, you deprive the attacker the ability to reliably exploit your software because the code they need to execute is never in the same place twice. Additionally, any failed attempts to exploit Alkemist:Source-protected software result in the program crashing. When the software is launched again, any information an attacker could gain from the previous failed exploit attempt would not be useful because the program will have been randomized again. Alkemist:Source allows you to continue using your existing compiler and linker. We accomplish this by sitting in front of the linker, making the modifications needed, and then calling your linker. This process can be seen in the figure below. The top path through the process is what a normal build looks like, abstracting away the infinite complexities that build systems bring. Alkemist:Source has been proven to work with builds as simple as a “Hello, World” example built with GCC all the way to a complex Yocto-based build using different compilers per project. With Alkemist:Source in the mix, compilation takes a slightly different path at the linking stage, where we inject information needed to accomplish our runtime randomization.

Download the Technical Overview

Visit the RunSafe Website

Alkemist:Repo

Alkemist:Repo applies Alkemist:Source to common open-source applications, repackaging them with memory protections by default.

Alkemist:Repo Features

Proven Protection

Alkemist:Repo offerings infuse run-time cyber protections directly into open source code using Alkemist:Source technology. Software is automatically secured from the most common and severe types of cyber attacks with the highest level of protection.

Secures Third-Party Software

When using open-source software, developers have minimal insight into and control over the security of those applications. By using Alkemist:Repo, the same applications can be used while knowing that an entire class of security vulnerabilities has been mitigated.