9.1 SPECIAL DAY Embedded Tutorial: Embedded Systems Security
Date: Thursday 17 March 2016
Time: 08:30 - 10:00
Location / Room: Saal 2
Chair:
Matthias Schunter, Intel, DE
Co-Chair:
Wieland Fischer, Infineon Technologies, DE
HW designers need to understand SW attacks. SW designers need to understand the HW platform. In this first session of the special day on secure systems, we present an embedded tutorial on low-level software attacks. This is essential to understand the HW architecture modifications that are being made to make embedded HW/SW platforms more secure.
| Time | Label | Presentation Title Authors |
|---|---|---|
| 08:30 | 9.1.1 | SOFTWARE SECURITY: VULNERABILITIES AND COUNTERMEASURES FOR TWO ATTACKER MODELS Speaker: Frank Piessens, Katholieke Universiteit Leuven, BE Authors: Frank Piessens and Ingrid Verbauwhede, Katholieke Universiteit Leuven, BE Abstract History has shown that attacks against network-connected software based systems are common and dangerous. An important fraction of these attacks exploit implementation details of the software based system. These attacks - sometimes called low-level attacks - rely on characteristics of the hardware, compiler or operating system used to execute software programs to make these programs misbehave, or to extract sensitive information from them. With the increased Internet-connectivity of embedded devices, including industrial control systems, sensors as well as consumer devices, there is a substantial risk that similar attacks will target these devices. This tutorial paper explains the vulnerabilities, attacks and countermeasures relevant for low-level software security. The paper discusses software security for two different attacker models: the classic model of an attacker that can only interact with the program by providing input and reading output, and the more recent and challenging model of an attacker that controls part of the execution platform on which the software runs, for instance because the attacker has compromised the operating system, or some of the libraries that the software under attack relies on. Download Paper (PDF; Only available from the DATE venue WiFi) |
| 10:00 | End of session Coffee Break in Exhibition Area |
Visit us at DATE 2016
DATE Smartphone App
available at
