Let me start with a short introduction to Embedded Systems Week: It consists of three co-located conferences, CASES, EMSOFT and CODES+ISSS and several workshops which all cover different aspects of embedded systems, bringing together experts on (almost all) aspects of embedded systems. So far, ESWeek did have one major drawback: Security of Embedded Systems was a complete non-issue except at the (rather low-key) WESS workshop. (If you don't believe me, just look at my blog posts from last year's ESWeek: [ESWeek'11 day 1], [ESWeek'11, day 2] and [ESWeek'11 day 3].) So I was very positively surprised that CASES had a session on security of embedded systems today.
Because of that, I decided to blog about the best talk of that session: "Static Secure Page Allocation for Light-Weight Dynamic Information Flow Tracking" by Yunsi Fei (the speaker), Juan Carlos Martínez Santos and Zhijie Jerry Shi. In their paper, they present an efficient variant of separating data in memory into "trusted" and "untrusted" categories in order to protect against buffer overflows occurring from malicious user entries. At compile time, all data is categorized either as trusted (all data which does not originate from a user/external input) or as untrusted (all data which originates from user input). To reduce the overhead from marking each individual variable as trusted/untrusted, they enforce separate memory pages for trusted and untrusted data. Most of the runtime checking can be handled by dedicated hardware support.
While this certainly does not cover all potential problems on a normal Computer or on smartphones - most notably the problem of code generated buffer overflows isn't covered - we do have to keep in mind that the world of embedded systems is extremely large, ranging from very simple RFID tags over light-weight Wireless Sensor Network Nodes to systems as complex as modern smartphones and game consoles. Depending on the system abilities and intended use-cases, the security requirements vary greatly and especially for the light-weight systems malicious code may not be a problem at all. Instead, a tailored security solution that covers the specific security requirements of this particular system as efficiently as possible is required and this work will be an interesting addition to the existing solutions - valuable for some (but certainly not all) embedded systems.
Post a Comment