Description
Bachelor’s thesis in cooperation with Fraunhofer AISEC Considering Attackers with Root Access in Embedded Linux Update Systems Secure over-the-air updates become increasingly important as the number of IoT devices rises. While software updates are crucial to patch system vulnerabilities, they can also introduce new attack vectors. Our previous research indicates that most of the open-source update solutions1 have a large Trusted Computing Base (TCB) making them susceptible to root attackers. Hence, in a previous project we have proposed SUITED, a mechanism which excludes the Linux OS from the TCB by performing all update verification and in- stallation in the U-Boot bootloader. The goal of this Bachelor thesis is to improve the security of an existing open-source update solution using SUITED. Therefore, a suitable solution needs to be identified and modified to perform update installation and verification in the bootloader. The feasibility of the approach shall be demonstrated in a proof of concept (PoC) implementation. Task Description • Research existing embedded Linux update solutions • Evaluate compatibility between existing solutions and SUITED • Provide a PoC implementation of one update solution using SUITED • Evaluate the efficiency and the security of the implementation Requirements • High motivation and ability to work independently • Good C programming skills • Preferably experience with U-Boot bootloader and/or the Yocto Toolchain. Contact Please send your application with current CV and transcript of records to: Corinna Lingstädt Secure Embedded Systems Software Department Secure Operating Systems corinna.lingstaedt@aisec.fraunhofer.de Phone: +49 89 322 9986-1022
Dr. Mykolai Protsenko Head of Research Group Secure Embedded Systems Software Department Secure Operating Systems mykolai.protsenko@aisec.fraunhofer.de Phone: +49 89 322 9986-192
1e.g. https://rauc.io/, https://mender.io/, https://sbabic.github.io/swupdate/
Fraunhofer Institute for Applied and Integrated Security (AISEC) Lichtenbergstr. 11, 85748 Garching near Munich Publication Date: 07.12.2022
|