CCTAG: Configurable and Combinable Tagged Architecture
Zhanpeng Liu
Network and Distributed System Security (NDSS) Symposium 2025 · Day 2 · Hard- & Firmware Security
Memory safety vulnerabilities remain a critical and pervasive threat in modern software systems, often leading to severe security breaches. Despite ongoing efforts to identify and patch these flaws, the sheer volume and complexity of codebases mean that many vulnerabilities remain undiscovered or unaddressed in a timely manner. This challenge underscores the pressing need for robust defensive mechanisms capable of mitigating both known and unknown memory-related exploits. Zhanpeng Liu's talk introduces **CCTAG** (Configurable and Combinable Tagged Architecture), a novel hardware/software co-design approach that aims to enhance memory safety by attaching fine-grain security metadata, or "tags," to registers and memory.
AI review
Legitimate hardware/software co-design research from a PKU master's student presenting at NDSS — this is real work, not marketing. The tagged architecture with policy-centric mask design for combinable memory safety policies is a genuine technical contribution, though it sits in a well-populated neighborhood alongside CHERI, PUMP, ARM MTE, and a dozen academic tagged-memory proposals from the last decade. Solid execution, credible numbers, but not a field-defining result.