Regions Are Types, Types Are Policy, and Other Ramblings

Explore innovative approaches to software hardening in this 40-minute conference talk from NorthSec 2020. Delve into the concept of using types beyond traditional compiler and interpreter applications to implement policies across address spaces. Learn how semantically related objects grouped in memory can be leveraged for enhanced security measures. Discover the potential of assigning types to memory regions as a basis for practical access control policies. Follow the speaker's journey in retroactively hardening a U-Boot bootloader instance, modeling its intentions, and creating a mediating access control policy. Understand how typed region-based hardening can be applied to various software types, protecting against both low-level memory vulnerabilities and high-level logic-based attacks. Gain insights into the speaker's background in studying weird machines in application linkers and loaders, and their current focus on system bootstrap loaders as a senior security researcher.

Introduction
Who am I
Root of Trust
Loch Ness Monster
Software is not easy
Policy granularity
Types
Interpreted languages
compiled languages
dependent types
file permissions
types and policy
policy
wish lists
understanding policy
semantics of uboot
bootloader
what to expect from bootloader
how should you behave
boot loaders
boot image
memory regions
black
tool suite
the bootloader
blockwrite operations
call graph
call stack instrumentation
writability
final thoughts
kitty