Learn about critical security vulnerabilities in IoT devices through this 22-minute conference talk from WOOT '24 that exposes fundamental weaknesses in Texas Instruments' IP Encapsulation (IPE) trusted execution environment. Discover how researchers from Virginia Tech developed RIPencapsulation, an attack that exploits lack of call site enforcement and residual state issues to compromise proprietary code and secret data on MSP430 and MSP432 devices. Explore how this attack can reveal cryptographic keys and enable unauthorized TEE memory access within minutes, even when following manufacturer security guidelines. Gain insights into the challenges of protecting IoT devices that balance complex software requirements with physical attacker access, and understand the limitations of current hardware-based security solutions.
RIPencapsulation: Defeating IP Encapsulation on TI MSP Devices
Overview
Syllabus
WOOT '24 - RIPencapsulation: Defeating IP Encapsulation on TI MSP Devices
Taught by
USENIX
Related Courses
-
Intellectual Property Exposure: Subverting and Securing Intellectual Property Encapsulation in Texas Instruments Microcontrollers
-
Faults in Our Bus - Novel Bus Fault Attack to Break Trusted Execution Environments in Embedded Systems
-
TrustZone-M Security Vulnerabilities in Microcontroller TEEs - Lessons Learned
-
A Comprehensive Study on the Security of Arm Cortex-M Systems
