Christian Niesler

Christian Niesler, M.Sc.

Raum:
S-GW 306
Telefon:
+49 201 18-37336
E-Mail:

Zur Person:

Christian Niesler ist wissenschaftlicher Mitarbeiter am Lehrstuhl für Sichere Software Systeme an der Universität Duisburg-Essen.

Lebenslauf:

Jahr Position/Studienprogramm
seit 10/2020 Wissenschaftlicher Mitarbeiter am Lehrstuhl für Systemsicherheit (SysSec) an der Universität Duisburg-Essen
10/2017 – 09/2020 Master of Science: Software and Network Engineering an der Universität Duisburg-Essen
Threat and Vulnerability Management bei DXC Technology in Ratingen
10/2014 – 09/2017 Bachelor of Science: Angewandte Informatik an der Dualen Hochschule Baden-Württemberg in Stuttgart
Duales Studium bei Hewlett-Packard (Enterprise)

Publikationen:

Filter:
  • Niesler, Christian; Surminski, Sebastian; Brasser, Ferdinand; Davi, Lucas; Sadeghi, Ahmad-Reza: RealSWATT: Remote Software-based Attestation for Embedded Devices under Realtime Constraints. In: Proc. of the 28th ACM SIGSAC Conference on Computer and Communications Security (CCS). ACM, New York, USA 2021. doi:10.1145/3460120.3484788BIB DownloadDetails
  • Niesler, Christian; Surminski, Sebastian; Davi, Lucas: HERA: Hotpatching of Embedded Real-time Applications. In: Proc. of 28th Network and Distributed System Security Symposium (NDSS). 2021. doi:10.14722/ndss.2021.24159PDFVolltextBIB DownloadDetails

    Memory corruption attacks are a pre-dominant attack vector against IoT devices. Simply updating vulnerable IoT software is not always possible due to unacceptable downtime and a required reboot. These side-effects must be avoided for highly-available embedded systems such as medical devices and, generally speaking, for any embedded system with real-time constraints.
    To avoid downtime and reboot of a system, previous research has introduced the concept of hotpatching. However, the existing approaches cannot be applied to resource-constrained IoT devices. Furthermore, possible hardware-related issues have not been addressed, i.e., the inability to directly modify the firmware image due to read-only memory.

    In this paper, we present the design and implementation of HERA (Hotpatching of Embedded Real-time Applications) which utilizes hardware-based built-in features of commodity Cortex-M microcontrollers to perform hotpatching of embedded systems. HERA preserves hard real-time constraints while keeping the additional resource usage to a minimum. In a case study, we apply HERA to two vulnerable medical devices. Furthermore, we leverage HERA to patch an existing vulnerability in the FreeRTOS operating system. These applications demonstrate the high practicality and efficiency of our approach.