Secure Updates for Memory Constrained XIP Systems

Explore secure update strategies for memory-constrained XIP (eXecute In Place) systems in this 31-minute conference talk. Delve into the challenges and solutions for updating XIP Linux systems, which allow code execution directly from flash memory without RAM copying. Learn about the renewed interest in XIP Linux for IoT devices, its memory optimization benefits, and low-power capabilities. Discover various OTA (Over-The-Air) update approaches, including userspace, RAM disk, bootloader, and TrustZone methods. Gain insights into overcoming obstacles in implementing secure updates for XIP systems, with real-world examples provided to illustrate practical applications.

Intro
About me
About this presentation
FOSS OTA updaters
OTA updater requirements
OTA classification 2
Double-copy OTA
XIP: execute in place
XIP advantages
XIP obstacles
OTA and XIP: Same goals...
sharper underwater rocks
Userspace OTA
RAM disk (initrd) OTA
Bootloader OTA
Trustzone OTA (ARM)
Conclusions