Embedded Systems Security via Control-Flow Integrity
Reference persons PAOLO ERNESTO PRINETTO
External reference persons Gianluca ROASCIO (CINI Cybersecurity National Laboratory)
Nicolò MAUNERO (CINI Cybersecurity National Laboratory)
Antonio VARRIALE (Blu5 Labs Ltd)
Research Groups GR-21 - TESTGROUP - TESTGROUP
Thesis type MASTER THESIS
In recent decades, the increasing employ of the embedded systems in everyday-life applications, even critical, has led companies and universities to look at the security aspects related to them. As commonly known, embedded systems are special-purpose platforms, so the application code already resides completely within the device, often in a read-only (or hardly rewritable) portion of memory. From the point of view of an intruder, the injection of malicious code is therefore more difficult. The attackers try to circumvent this rigidity by exploiting software vulnerabilities to tamper with the function call stack, jump addresses and return addresses for redirecting the flow of the program from one existing portion of code to another at will. These attack techniques are known as Jump-Oriented Programming (JOP) and Return-Oriented Programming (ROP). Against this threat, it is necessary to think of solutions to preserve the integrity of the control flow of the program.
The purpose of the thesis is to develop a tool for extracting the Control-Flow Graph of a firmware running on a security-oriented embedded platform, such as SEcube™ by Blu5®, to provide Control-Flow Integrity (CFI).
During this thesis, the candidate will learn how to approach static code analysis for ARM architecture in security applications.
Blu5 Labs Ltd (Malta)
CINI Cybersecurity National Laboratory
Required skills Basics of;
- C Language
- Assembly languages
- VHDL Language
Notes The thesis activities will be carried out in collaboration with:
- Blu5 Labs Ltd (Malta)
- CINI Cybersecurity National Laboratory
Number of required Students: 1 or 2
For additional informations:
Gianluca ROASCIO – email@example.com
Nicolò MAUNERO – firstname.lastname@example.org
Deadline 31/12/2020 PROPONI LA TUA CANDIDATURA