Finding Software Bugs in Embedded Devices
Francillon, A., Thomas, S. L., & Costin, A. (2021). Finding Software Bugs in Embedded Devices. In J. Hernandez-Castro, & G. Avoine (Eds.), Security of Ubiquitous Computing Systems : Selected Topics (pp. 183-197). Springer. https://doi.org/10.1007/978-3-030-10591-4_11
Date
2021Copyright
© The Author(s) 2021
The goal of this chapter is to introduce the reader to the domain of bug discovery in embedded systems which are at the core of the Internet of Things. Embedded software has a number of particularities which makes it slightly different to general purpose software. In particular, embedded devices are more exposed to software attacks but have lower defense levels and are often left unattended. At the same time, analyzing their security is more difficult because they are very “opaque”, while the execution of custom and embedded software is often entangled with the hardware and peripherals. These differences have an impact on our ability to find software bugs in such systems. This chapter discusses how software vulnerabilities can be identified, at different stages of the software life-cycle, for example during development, during integration of the different components, during testing, during the deployment of the device, or in the field by third parties.
Publisher
SpringerParent publication ISBN
978-3-030-10590-7Is part of publication
Security of Ubiquitous Computing Systems : Selected TopicsKeywords
Publication in research information system
https://converis.jyu.fi/converis/portal/detail/Publication/28932210
Metadata
Show full item recordCollections
License
Related items
Showing items with similar title or keywords.
-
Towards Seamless IoT Device-Edge-Cloud Continuum : Software Architecture Options of IoT Devices Revisited
Taivalsaari, Antero; Mikkonen, Tommi; Pautasso, Cesare (Springer, 2022)In this paper we revisit a taxonomy of client-side IoT software architectures that we presented a few years ago. We note that the emergence of inexpensive AI/ML hardware and new communication technologies are broadening ... -
IoT/Embedded vs. Security : Learn from the Past, Apply to the Present, Prepare for the Future
Costin, Andrei (FRUCT Oy, 2018)It is expected there will be 50 billion IoT/embedded connected devices by 2020. At the same time, multiple recent studies revealed that IoT/embedded devices and their software/firmware is plagued with weaknesses and ... -
Towards Automated Classification of Firmware Images and Identification of Embedded Devices
Costin, Andrei; Zarras, Apostolis; Francillon, Aurélien (Springer, 2017)Embedded systems, as opposed to traditional computers, bring an incredible diversity. The number of devices manufactured is constantly increasing and each has a dedicated software, commonly known as firmware. Full ... -
Attacking TrustZone on devices lacking memory protection
Stajnrod, Ron; Ben Yehuda, Raz; Zaidenberg, Nezer Jacob (Springer Science and Business Media LLC, 2022)ARM TrustZone offers a Trusted Execution Environment (TEE) embedded into the processor cores. Some vendors offer ARM modules that do not fully comply with TrustZone specifications, which may lead to vulnerabilities in the ... -
Sulautettujen laitteiden laitteisto- ja ohjelmistoturvallisuus
Vähälummukka, Antti (2020)Tässä työssä selvitetään millaisia laitteisto- ja ohjelmistoturvallisuutta lisääviä ominaisuuksia on käytettävissä nykyaikaisissa sulautettujen laitteiden käyttämissä mikro-ohjaimissa, sekä miten niiden avulla voidaan ...