Abstract: In a general aspect, a computer implemented method can include identifying, in a program code stored in computer memory, a location of a dynamic repair target code section for an assignment to a program variable, a value of which is known only at runtime. The method can also include modifying the program code at the identified location of the dynamic repair target code section to assign an immediate value different from a correct runtime value to the program variable. The method can further include inserting, into the program code in the computer memory, a dynamic repair probe code section that is executed before the dynamic repair target code and, at runtime, modifies the immediate value in the code to contain the correct runtime value when an attack has not occurred.

Abstract: A computer implemented anti-tamper system employing runtime profiling of software in order to decide where to inject integrity checks into the software, to enable verification of whether or not the software has been tampered with. Runtime profiling and analysis is used to record information about the application, in order to establish the locations and targets of runtime integrity checks in order to optimize protection security, while minimizing the performance penalty and the need for hand configuration.

Abstract: In a general aspect, a computer implemented method can include identifying, in a program code stored in computer memory, a location of a dynamic repair target code section for an assignment to a program variable, a value of which is known only at runtime. The method can also include modifying the program code at the identified location of the dynamic repair target code section to assign an immediate value different from a correct runtime value to the program variable. The method can further include inserting, into the program code in the computer memory, a dynamic repair probe code section that is executed before the dynamic repair target code and, at runtime, modifies the immediate value in the code to contain the correct runtime value when an attack has not occurred.

Abstract: Program code is modified to execute correctly only when code and data memory accesses/fetches are synchronised, i.e. data and code accesses/fetches are routed to identical physical addresses in computer memory. This indirectly defeats the MMU attack, in which code and data memory accesses/fetches to the same logical address are routed to different physical addresses. The program code is modified such that one or more sections of the code (“repair targets”) are deliberately broken so that the program code will not execute correctly, the repair targets being replaced at run time with correct code before the repair targets are executed.

Abstract: Program code is modified to execute correctly only when code and data memory accesses/fetches are synchronised, i.e. data and code accesses/fetches are routed to identical physical addresses in computer memory. This indirectly defeats the MMU attack, in which code and data memory accesses/fetches to the same logical address are routed to different physical addresses. The program code is modified such that one or more sections of the code (“repair targets”) are deliberately broken so that the program code will not execute correctly, the repair targets being replaced at run time with correct code before the repair targets are executed.

Abstract: A computer implemented anti-tamper system employing runtime profiling of software in order to decide where to inject integrity checks into the software, to enable verification of whether or not the software has been tampered with. Runtime profiling and analysis is used to record information about the application, in order to establish the locations and targets of runtime integrity checks in order to optimise protection security, while minimising the performance penalty and the need for hand configuration.