YoVDO

Protecting Bare-metal Embedded Systems with Privilege Overlays

Offered By: IEEE via YouTube

Tags

Embedded Systems Security Courses Performance Evaluation Courses IoT security Courses LLVM Courses

Course Description

Overview

Explore a comprehensive conference talk on enhancing security for bare-metal embedded systems through privilege overlays. Delve into the innovative EPOXY compiler, which employs privilege overlaying to execute only necessary operations in privileged mode. Discover how this technique enables code integrity, control-flow hijacking defenses, and protection for sensitive IO. Learn about fine-grained randomization schemes designed to prevent code injection and ROP attacks from scaling across multiple devices. Examine the performance impact of these combined defense mechanisms through extensive benchmarking and real-world IoT application case studies. Gain insights into the challenges and solutions for securing low-cost, resource-constrained embedded systems in the expanding Internet of Things landscape.

Syllabus

Intro
BARE-METAL SYSTEMS
DEFENSE CHALLENGES
THREAT MODEL AND REQUIREMENTS
PRIVILEGE OVERLAY EXAMPLE
EPOXY - AFTER PRIVILEGE OVERLAY
SAFESTACK
DIVERSIFICATION
EPOXY - ALL PROTECTIONS
PERFORMANCE
ROP COMPILER
PRIVILEGED INSTRUCTIONS EXECUTED
CONCLUSION


Taught by

IEEE Symposium on Security and Privacy

Tags

Related Courses

A developer's guide to the Internet of Things (IoT)
IBM via Coursera Enterprise and Infrastructure Security
New York University (NYU) via Coursera Getting Started with the Internet of Things (IoT)
Microsoft via edX AWS IoT: Developing and Deploying an Internet of Things
Amazon Web Services via edX Components And Applications Of Internet Of Things
Indian Institute of Technology Patna via Swayam