Unsecuring Embedded Systems
Unsecuring Embedded Systems
| Seminare | 2 SWS / 5 ECTS |
| Veranstalter: | Claudia Eckert |
| Zeit und Ort: | Preliminary Online Meeting: Tuesday, 06 February 2024 at 17.00 h Link: Slides: https://owncloud.fraunhofer.de/index.php/s/9w6Zy6vLFCFdwI8 The seminar is offered in cooperation with Fraunhofer AISEC: Katharina Bogad Simon Ott |
| Beginn: |
Securing embedded computing has become a major issue
in the wake of connected devices. Many clever approaches
have been proposed, all with their unique strengths
and weaknesses. All of these approaches however
hinge their security guarantees on a number of (sometimes not so)
carefully chosen assumptions.
In particular, on embedded devices, processor features that
have been abused to provide security guarantees like Memory
Management Units (MMUs) are often times not available. In
their place comes a Memory Protection Unit (MPU), which
can protect memory regions from being read, written,
or executed. Generally, unless configured precisely,
this still cannot be used as a security mechanism defending
against semi-powerful attackers as, depending on the
embedded platform, numerous circumventions of any MPU
might exist.
To overcome limitations in existing MPU designs, several
schemes have been proposed, mainly including memory compartmentalization,
or hardware extensions. Unfortunately, unlike in fields like cryptography,
published approaches rarely face the scrutiny of hindsight:
Even if attacks get published or assumptions are shown
to not hold (or not hold univocally), one needs to be
an expert in the field of embedded device security to
spot published (and supposedly well-known) weaknesses.
This seminar therefore focuses on exploring (theoretical)
weaknesses in memory protection schemes devised for ARMv7
Cortex-M microcontrollers, using MPU-based techniques
to ensure their security.
Requirements:
- IT-Sicherheit (IN0042)
- Einführung in die Rechnerarchitektur (IN0004)
- Grundlagenpraktikum: Rechnerarchitektur (IN0005)
- Grundlagen Betriebssysteme und Systemsoftware (IN0009)
Optional, but recommended:
- Practical Course Binary Exploitation or Advanced Binary Exploitation
- Basic knowledge of the ARM Architecture
The seminar is suitable for up to 7 students.