Explore a 12-minute conference talk from USENIX Security '24 that investigates security vulnerabilities in the Intellectual Property Encapsulation (IPE) technology of Texas Instruments MSP430 microcontrollers. Dive into an in-depth security evaluation that reveals fundamental protection shortcomings in current IPE hardware, demonstrating how software-level attack techniques known from trusted execution environments (TEEs) can be applied to this platform. Learn about a newly discovered attack primitive called "controlled call corruption" that exploits weaknesses in the IPE access control mechanism, leading to a complete bypass of its confidentiality and integrity guarantees. Understand the proposed lightweight hardware modifications for securing IPE, and discover a prototype framework that implements the software-side responsibilities for reducing information leakage and uses the onboard memory protection unit to restore security guarantees on vulnerable devices with minimal performance impact.
USENIX Security '24 - Intellectual Property Exposure: Subverting and Securing Intellectual...
Taught by
USENIX