YoVDO

Protecting Bare-metal Embedded Systems with Privilege Overlays

Offered By: IEEE via YouTube

Tags

Embedded Systems Security Courses Performance Evaluation Courses IoT security Courses LLVM Courses

Course Description

Overview

Explore a comprehensive conference talk on enhancing security for bare-metal embedded systems through privilege overlays. Delve into the innovative EPOXY compiler, which employs privilege overlaying to execute only necessary operations in privileged mode. Discover how this technique enables code integrity, control-flow hijacking defenses, and protection for sensitive IO. Learn about fine-grained randomization schemes designed to prevent code injection and ROP attacks from scaling across multiple devices. Examine the performance impact of these combined defense mechanisms through extensive benchmarking and real-world IoT application case studies. Gain insights into the challenges and solutions for securing low-cost, resource-constrained embedded systems in the expanding Internet of Things landscape.

Syllabus

Intro
BARE-METAL SYSTEMS
DEFENSE CHALLENGES
THREAT MODEL AND REQUIREMENTS
PRIVILEGE OVERLAY EXAMPLE
EPOXY - AFTER PRIVILEGE OVERLAY
SAFESTACK
DIVERSIFICATION
EPOXY - ALL PROTECTIONS
PERFORMANCE
ROP COMPILER
PRIVILEGED INSTRUCTIONS EXECUTED
CONCLUSION


Taught by

IEEE Symposium on Security and Privacy

Tags

Related Courses

CompTIA Security+ (SY0-601) Cert Prep: 7 Endpoint Security Design and Implementation
LinkedIn Learning SSCP Cert Prep: 7 Systems and Application Security
LinkedIn Learning The Internet of Insecure Things - 10 Most Wanted List
YouTube ICEFALL - Revisiting A Decade Of OT Insecure-By-Design Practices
Hack In The Box Security Conference via YouTube Low Level BootROM Protocol Fuzzing Secure Memory Regions
Hack In The Box Security Conference via YouTube