

Talks and poster presentations (with proceedings entry):

M. Kammerstetter, D. Burian, W. Kastner:
"Embedded Security Testing with Peripheral Device Caching and Runtime Program State Approximation";
Talk: Tenth International Conference on Emerging Security Information, Systems and Technologies, Nice; 24.07.2016 - 28.07.2016; in: "Tenth International Conference on Emerging Security Information, Systems and Technologies", (2016), ISBN: 9781510826939; pp. 21 - 26.



Abstract (English):
Today, interconnected embedded devices are widely
used in the Internet of Things, in sensor networks or in security
critical areas such as the automotive industry or smart grids.
Security on these devices is often considered to be bad, which is
in part due to the challenging security testing approaches that
are necessary to conduct security audits. Security researchers
often turn to firmware extraction with the intention to execute
the device firmware inside a virtual analysis environment. The
drawback of this approach is that required peripheral devices are
typically no longer accessible from within the Virtual Machine
and the firmware no longer works as intended. To improve
the situation, several ways to make the actual peripheral devices
accessible to software running inside an emulator have been
demonstrated. Yet, a persistent problem of peripheral device
forwarding approaches is the typically significant slowdown inside
the analysis environment, rendering resource intense software
security analysis techniques infeasible. In addition, security tests
are hard to parallelize as each instance would also require its
own embedded system hardware. In this work, we demonstrate
an approach that could address both of these issues by utilizing
a cache for peripheral device communication in combination
with runtime program state approximation. We evaluated our
approach utilizing well known programs from the GNU core
utilities package. Our feasibility study indicates that caching of
peripheral device communication in combination with runtime
program state approximation might be an approach for some
of the major drawbacks in embedded firmware security analysis
but, similar to symbolic execution, it suffers from state explosion.

Keywords:
Embedded System, Security, Fuzz Testing, Security Analysis


Associated projects:
Project lead Wolfgang Kastner:
Adaptable Platform for Active Services Exchange


Created from the publication database of the Technische Universität Wien.