From Attackers to Defenders, Challenges in Securing Embedded Systems OS

  • Join the LiveStream
  • When: Aug. 13, 2020 | 6 p.m. Central European Summer Time(UTC+02)

    Where: LiveStream

    Who: Ali Abbasi Post-Doctoral Researcher at Ruhr University Bochum

    From Attackers to Defenders, Challenges in Securing Embedded Systems OS

    From critical infrastructure to cars, embedded systems are all around us, underpinning the technological fabric of our everyday life. The rise of the Internet-of-Things has seen a widespread proliferation of so-called ’smart devices’ with everything from fridges to smoke detectors and door locks being fitted with a small computer communicating with its environment. Just like any computer, embedded systems have vulnerabilities that can be exploited by attackers. In this talk we will look at securing embedded systems from two perspectives: namely attacker and defender. From an attacker perspective, we will first investigate challenges on reverse engineering embedded systems. We then look at various Real-Time Operating Systems (RTOS), running on aerospace and automotive platforms and describe how series of mistakes lead to major security issues on these OSs. We end the attacker perspective with a demo. We then move to the defender side and discuss challenges on securing embedded systems. We investigate how series of constraints in embedded systems lead to less secure devices. We then provide various first hand statistics on binary security for embedded systems, quantifying their common security issues. We finally close the talk by discussing how we, as defenders can break away from this paradigm and make such devices more secure.

    About the Presenter:

    Ali’s research interest involves Embedded Control Systems Binary Security, Real-Time Operating Systems Security, and Automotive Security. Ali received his Ph.D. degree from the Eindhoven University of Technology, the Netherlands. In Eindhoven, he worked at the Security Group on code-reuse defenses for Programmable Logic Controllers (PLC) with Real-Time constraints. Currently, Ali is involved in two research projects: An automated software testing approach for embedded software via firmware re-hosting and side-channel based software testing via SoC pipeline emissions for embedded systems with active anti-debugging protection.

    Visit Speaker Profile