Protecting Bare-metal Embedded Systems with Privilege Overlays
Offered By: IEEE via YouTube
Course Description
Overview
Explore a comprehensive conference talk on enhancing security for bare-metal embedded systems through privilege overlays. Delve into the innovative EPOXY compiler, which employs privilege overlaying to execute only necessary operations in privileged mode. Discover how this technique enables code integrity, control-flow hijacking defenses, and protection for sensitive IO. Learn about fine-grained randomization schemes designed to prevent code injection and ROP attacks from scaling across multiple devices. Examine the performance impact of these combined defense mechanisms through extensive benchmarking and real-world IoT application case studies. Gain insights into the challenges and solutions for securing low-cost, resource-constrained embedded systems in the expanding Internet of Things landscape.
Syllabus
Intro
BARE-METAL SYSTEMS
DEFENSE CHALLENGES
THREAT MODEL AND REQUIREMENTS
PRIVILEGE OVERLAY EXAMPLE
EPOXY - AFTER PRIVILEGE OVERLAY
SAFESTACK
DIVERSIFICATION
EPOXY - ALL PROTECTIONS
PERFORMANCE
ROP COMPILER
PRIVILEGED INSTRUCTIONS EXECUTED
CONCLUSION
Taught by
IEEE Symposium on Security and Privacy
Tags
Related Courses
RISC-V Toolchain and Compiler Optimization TechniquesLinux Foundation via edX Get Started Using WebAssembly (wasm)
egghead.io A Long Journey of Changing std::sort Implementation at Scale
CppCon via YouTube A Taste of Julia
ACCU Conference via YouTube AI-Driven Performance Metaprogramming - Embedding Spaces for Program Analysis and Optimization
Scalable Parallel Computing Lab, SPCL @ ETH Zurich via YouTube