RIPencapsulation: Defeating IP Encapsulation on TI MSP Devices
Internet of Things (IoT) devices sit at the intersection of unwieldy software
complexity and unprecedented attacker access. This unique position comes with a
daunting security challenge: how can I protect both proprietary code and
confidential data on a device that the attacker has unfettered access to?
Trusted Execution Environments (TEEs) promise to solve this challenge through
hardware-based separation of trusted and untrusted computation and data. While
TEEs do an adequate job of protecting secrets on desktop-class devices, we
reveal that trade-offs made in one of the most widely-used commercial IoT
devices undermine their TEE's security.
This paper uncovers two fundamental weaknesses in IP Encapsulation (IPE), the
TEE deployed by Texas Instruments for MSP430 and MSP432 devices. We observe
that lack of call site enforcement and residual state after unexpected TEE
exits enable an attacker to reveal all proprietary code and secret data within
the IPE. We design and implement an attack called RIPencapsulation, which
systematically executes portions of code within the IPE and uses the partial
state revealed through the register file to exfiltrate secret data and to
identify gadget instructions. The attack then uses gadget instructions to
reveal all proprietary code within the IPE. Our evaluation with commodity
devices and a production compiler and settings shows that -- even after
following all manufacturer-recommended secure coding practices --
RIPencapsulation reveals, within minutes, both the code and keys from
third-party cryptographic implementations protected by the IPE.
Comment: 13 pages, 3 figures, 6 tables
lLTZVisor: a lightweight TrustZone-assisted hypervisor for low-end ARM devices
Master's dissertation in Industrial Electronics and Computer Engineering
Virtualization is a well-established technology in the server and desktop space
and has recently been spreading across different embedded industries. Facing
multiple challenges arising from the advent of the Internet of Things (IoT) era,
these industries are driven by a growing interest in consolidating and isolating
multiple environments with mixed-criticality features, to address the complex IoT
application landscape. Even though this is true for the majority of mid- to high-end
embedded applications, few or no solutions have been proposed so far for low-end
systems.
TrustZone technology, designed by ARM to improve security on its processors,
has been widely adopted in the embedded market. As such, the research community
became active in exploring other uses of TrustZone's isolation capabilities, such as
an alternative form of system virtualization. The lightweight TrustZone-assisted
hypervisor (LTZVisor), which mainly targets the consolidation of mixed-criticality
systems on the same hardware platform, is one design example that takes advantage
of TrustZone technology on ARM application processors. With the recent
introduction of this technology to the new generation of ARM microcontrollers, an
opportunity to expand this breakthrough form of virtualization to low-end devices
arose.
This work proposes the development of the lLTZVisor hypervisor, a refactored
LTZVisor version that aims to provide strong isolation on resource-constrained
devices while achieving a low memory footprint, determinism and high efficiency.
The key to this is to implement a minimal, reliable, secure and predictable virtualization
layer, supported by the TrustZone technology present on the newest
generation of ARM microcontrollers (Cortex-M23/33).
Virtualization is a well-established technology in the server and personal computer
domain that has recently been spreading across several embedded systems
industries. Faced with the challenges arising from the emergence of the Internet of
Things (IoT) era, these industries are driven by a growing interest in consolidating
and isolating multiple systems with different criticality levels, to address the current
and complex IoT application scenario. Although this applies to most mid- and
high-range embedded applications, low-end systems still have few proposed solutions.
TrustZone technology, developed by ARM to improve security on its processors,
was very well received by the embedded systems market. As such, the scientific
community began to explore other applications of TrustZone technology for
isolation, such as an alternative form of system virtualization. The "lightweight
TrustZone-assisted hypervisor (LTZVisor)", whose main purpose is the consolidation
of mixed-criticality systems on the same hardware platform, is one example that
takes advantage of TrustZone technology on high-end ARM processors. With the
recent introduction of this technology to the new generation of ARM microcontrollers,
an opportunity arose to extend this innovative form of virtualization to low-end
devices.
This work proposes the development of the lLTZVisor hypervisor, a restructured
version of LTZVisor that aims to provide strong isolation on resource-constrained
devices while simultaneously achieving a low memory footprint, determinism and
high efficiency. The key to this lies in implementing a minimal, reliable, secure and
predictable virtualization layer, enabled by the TrustZone technology present in the
latest generation of ARM microcontrollers (Cortex-M23/33).
TZ-VirtIO: Enabling Standardized Inter-Partition Communication in a TrustZone-Assisted Hypervisor
Virtualization technology allows the coexistence and execution of multiple operating systems on top of the same hardware platform. In the embedded systems domain, virtualization has been focused on the isolation of critical requirements like real-time, security and safety from non-critical characteristics. The strict confinement of guest partitions typically provided by virtualization does not suit the modular and inter-cooperative nature of embedded systems. The need for inter-partition communication has been addressed by multiple virtualization solutions, either to enable guest-level device para-virtualization or to ensure increased flexibility regarding cooperative partitions. However, the majority of existing approaches follow an ad hoc design with little or no applicability outside their solution's scope. This paper presents TZ-VirtIO, an asynchronous standardized inter-partition communication (IPC) mechanism on top of a TrustZone-assisted dual-OS hypervisor (LTZVisor). The implemented IPC uses the standard VirtIO transport layer. The experiments conducted on a physical platform show a scalable, high-bandwidth and low-overhead solution for both single-core and multi-core architectures.
FCT - Fundação para a Ciência e a Tecnologia (UID/CEC/00319/2013)
uTango: an open-source TEE for IoT devices
Security is one of the main challenges of the Internet
of Things (IoT). IoT devices are mainly powered by low-cost
microcontrollers (MCUs) that typically lack basic hardware
security mechanisms to separate security-critical applications
from less critical components. Recently, Arm has started to
release Cortex-M MCUs enhanced with TrustZone technology
(i.e., TrustZone-M), a system-wide security solution aiming at
providing robust protection for IoT devices. Trusted Execution
Environments (TEEs) relying on TrustZone hardware have been
perceived as safe havens for securing mobile devices. However,
for the past few years, considerable effort has gone into unveiling
hundreds of vulnerabilities and proposing a collection of relevant
defense techniques to address several issues. While new TEE
solutions built on TrustZone-M are starting to flourish, the lessons
gathered by the research community appear to be falling short,
as these new systems are falling into the same pitfalls of the
past. In this paper, we present UTANGO, the first multi-world TEE
for modern IoT devices. UTANGO proposes a novel architecture
aiming at tackling the major architectural deficiencies currently
affecting TrustZone(-M)-assisted TEEs. In particular, we leverage
the very same TrustZone hardware primitives used by dual-world
implementations to create multiple and equally secure execution
environments within the normal world. We demonstrate the
benefits of UTANGO by conducting an extensive evaluation on
a real TrustZone-M hardware platform, i.e., Arm Musca-B1.
UTANGO will be open-sourced and freely available on GitHub
in hopes of engaging academia and industry on securing the
foreseeable trillion IoT devices.
This work was supported in part by the Fundacao para a Ciencia e Tecnologia (FCT) within the Research and Development Units under Grant UIDB/00319/2020, and in part by FCT within the Ph.D. Scholarship under Grant 2020.04585.BD
Building real-time embedded applications on QduinoMC: a web-connected 3D printer case study
Single Board Computers (SBCs) are now emerging
with multiple cores, ADCs, GPIOs, PWM channels, integrated
graphics, and several serial bus interfaces. The low power
consumption, small form factor and I/O interface capabilities of
SBCs with sensors and actuators makes them ideal in embedded
and real-time applications. However, most SBCs run non-real-time
operating systems based on Linux and Windows, and do
not provide a user-friendly API for application development. This
paper presents QduinoMC, a multicore extension to the popular
Arduino programming environment, which runs on the Quest
real-time operating system. QduinoMC is an extension of our earlier
single-core, real-time, multithreaded Qduino API. We show
the utility of QduinoMC by applying it to a specific application: a
web-connected 3D printer. This differs from existing 3D printers,
which run relatively simple firmware and lack operating system
support to spool multiple jobs, or interoperate with other devices
(e.g., in a print farm). We show how QduinoMC empowers devices with the capabilities to run new services without impacting their timing guarantees. While it is possible to modify existing operating systems to provide suitable timing guarantees, the effort to do so is cumbersome and does not provide the ease of programming afforded by QduinoMC.
http://www.cs.bu.edu/fac/richwest/papers/rtas_2017.pdf
Accepted manuscript
The Following Robot
The objective of this project is to design, build, and test an autonomous robot with an associated Android application. The robot uses on-board inertial measurement sensors (magnetometer, accelerometer, gyroscope) and coordinates itself through Bluetooth communication with the similar built-in measurement sensors on the Android phone to mimic and follow movement. The Following Robot incorporates the same basic movement functionality as a typical RC car. The robot follows the user's phone through an application running on that phone. This application accesses the phone's accelerometer and gyroscope data and converts it into the appropriate movement quantities. Methods of tracking and calculating distance or angular displacement include numeric integration. Once a turning angle or travelled distance has reached a predefined threshold, the application sends a command to the robot via Bluetooth indicating which movement to execute: left, right, forward, or backward. The Following Robot has its own sensors to accurately match the threshold of the phone. Combining these two interfaces, the Following Robot can mimic the movements of the user, hence the name "following". Additionally, the application accesses the phone's magnetometer to send the current direction and/or orientation of the phone. The robot uses this information and aligns its direction to match the phone with a click of a button in the application.
Software design for a Smart Lock System for Home Automation
The idea that motivated this thesis work was to design a smart lock and access control system. This system was designed to control access to a room using portable devices such as mobile phones or tablets. Its principal objective was to create a basic but functional prototype that could be placed in a real room and be implemented and integrated easily, without much modification of the door's structure, yet accomplish its purpose.
To achieve this goal the work was divided into two separate parts: the hardware part and the software part. This thesis focuses on the software part. All progress made and all final results were obtained using a design, implementation and test method. Working closely and in constant feedback with the hardware part, the programs and code developed were always tested with the hardware to ensure that the right results were obtained, and the required modifications were made when needed.
In general, the project was carried out as follows. First the documentation process was completed, and then the devices, the coding languages and the tools were selected. Next, the design process was carried out, in which the basic structure of the programs was developed and created. After that, the implementation and testing processes were carried out simultaneously to refine the result and obtain the best solution possible.
This process was completed when a real working prototype was obtained. The device successfully connected to a self-designed smartphone app and controlled access to the room. The prototype could be mounted on a demonstration door to show how it is supposed to work in the real application. In general, all the main goals were achieved, although some corrections and improvements still need to be studied in more depth and applied in future expansions.