Explore the challenges of embedded binary security in this 20-minute conference talk from USENIX Enigma 2017. Delve into the embedded ecosystem, examining the state of binary security and the obstacles faced when adopting modern exploit mitigations. Learn about the unique constraints of embedded environments, the prevalence of unsafe languages, and the complexities of patch deployment. Gain insights from security research on popular embedded operating systems and the development of mitigations for Industrial Control Systems. Understand the importance of addressing these security concerns in a world where embedded systems are ubiquitous, from consumer electronics to critical infrastructure.
Ghost in the Machine: Challenges in Embedded Binary Security - Enigma 2017
USENIX Enigma Conference via YouTube
Overview
Syllabus
Intro
EMBEDDED BINARY SECURITY
BINARY SECURITY & MEMORY CORRUPTION
MITIGATIONS: WHAT IF?
WHY EXPLOIT MITIGATIONS?
WHAT MITIGATIONS ARE WE TALKING ABOUT?
EMBEDDED SYSTEMS ARE DIVERSE
MITIGATION DEPENDENCIES
ADDRESS SPACE LAYOUT RANDOMIZATION (ASLR)
VIRTUAL MEMORY
EXECUTABLE SPACE PROTECTION (ESP)
HARDWARE FEATURES
STACK CANARIES
ADDRESSING ESP CHALLENGES
ADDRESSING OS CSPRNG CHALLENGES
EMBEDDED CFI CHALLENGES
CALL TO ACTION
Taught by
USENIX Enigma Conference
