Variable Record Table: A Unified Hardware-Assisted Framework for Runtime Security

📅 2025-12-14
🤖 AI Summary
Modern computing systems face heterogeneous security threats—including memory corruption, speculative execution vulnerabilities, and control-flow hijacking—yet existing defenses are typically isolated, suffering from high performance overhead and incomplete coverage. This paper proposes the Variable Record Table (VRT), a hardware-assisted unified runtime security framework that, for the first time, jointly enforces spatial memory safety, backward control-flow integrity (CFI), and speculative execution attack detection within a single lightweight hardware structure. VRT employs dynamic instruction instrumentation to extract address, bounds metadata, and control-flow signatures, constructing a real-time-updated protection table; a custom hardware unit enables near-zero-instruction-overhead, low-latency detection. Evaluated on MiBench and SPEC benchmarks, VRT achieves 100% attack detection rate with less than 25 KB of storage (512 entries), incurring only 8% area overhead and 11.65 μW power consumption.

📝 Abstract
Modern computing systems face security threats, including memory corruption attacks, speculative execution vulnerabilities, and control-flow hijacking. Although existing solutions address these threats individually, they frequently introduce performance overhead and leave security gaps. This paper presents a Variable Record Table (VRT) with a unified hardware-assisted framework that simultaneously enforces spatial memory safety against buffer overflows, back-edge control-flow integrity (CFI), and speculative execution attack detection. The VRT dynamically constructs a protection table by instrumenting runtime instructions to extract memory addresses, bounds metadata, and control-flow signatures. Our evaluation across MiBench and SPEC benchmarks shows that VRT successfully detects all attack variants tested with zero additional instruction overhead. Furthermore, it maintains memory requirements below 25KB (for 512 entries) and maintains area / power overhead under 8% and 11.65 μW, respectively. By consolidating three essential security mechanisms into a single hardware structure, VRT provides comprehensive protection while minimizing performance impact.
Problem

Research questions and friction points this paper is trying to address.

Addresses memory corruption, speculative execution, and control-flow attacks
Unifies hardware-assisted security mechanisms to reduce performance overhead
Detects attacks with zero instruction overhead and minimal resource usage
Innovation

Methods, ideas, or system contributions that make the work stand out.

Unified hardware-assisted framework for runtime security
Dynamic protection table construction via instruction instrumentation
Consolidates three security mechanisms with minimal overhead
Suraj Kumar Sah
Department of Computer Science and Engineering, Kathmandu University, Dhulikhel, Nepal
Love Kumar Sah
Assistant Professor @ Western New England University
Runtime Software Security, Hardware IP Protection, Hardware Security