Mitigating Software Exploits on Embedded Systems - Invited Talk

Author(s):

Davi, Lucas

Name of Event:

NEC Europe Ltd., NEC Laboratories Europe

Location:

Heidelberg

Date:

15.03.2017

Abstract

Attacks targeting software on embedded systems are becoming increasingly prevalent. In particular, software exploits based on return-oriented programming are challenging to prevent as they perform malicious operations without requiring the attacker to inject any malicious code. Both academia and industry have recently proposed defense techniques to mitigate these attacks. However, a continuous arms race has evolved between new attacks and improved defenses. In this talk, we elaborate on the different classes of software exploits and present recent research on mitigation technologies such as control-flow integrity and attestation targeting embedded systems software.