Politecnico di Torino (logo)

Control-Flow Integrity for Embedded Systems: Study Case of an FPGA-Based Solution

Antonio Ettore Epifani

Control-Flow Integrity for Embedded Systems: Study Case of an FPGA-Based Solution.

Rel. Paolo Ernesto Prinetto. Politecnico di Torino, Corso di laurea magistrale in Ingegneria Informatica (Computer Engineering), 2021

PDF (Tesi_di_laurea) - Tesi
Licenza: Creative Commons Attribution Non-commercial No Derivatives.

Download (3MB) | Preview

Nowadays, embedded devices are taking on a significant degree of pervasiveness in many sectors of our daily life, from industry to home automation, from healtcare to the urban dimension. These devices are responsible for creating and managing an extraordinary amount of data concerning our lives, which poses equally extraordinary challenges: on the one hand, it becomes essential to secure the entire data traffic, and on the other, equally important, these systems need to be reliable and not easily manipulated, according to the resilience-by-design paradigm. Physical security is fundamental but insufficient, since many breaches can be opened by the code that such systems run. A relevant amount of weaknesses comes from the diffused employ of typical embedded system languages, such as C and C++. These languages offer a high level of hardware control and optimization, but at the same time, they are memory- unsafe, i.e., the protection of the memory from possible corruptions is completely left to the programmer. Memory vulnerabilities open the door to many typologies of attacks, massively reported and studied by security researchers, such as Code-Reuse Attacks (CRA), in which the flow of the program is hijacked to sections of code already present in memory but not intended to be executed in that order. One of the most famous offensive techniques belonging to this category is called Return-Oriented Programming (ROP), along with some of its vari- ants, Jump-Oriented Programming (JOP) and Call-Oriented Programming (COP). This technique exploits a memory vulnerability inside a program in order to collect a malicious sequence of bytes, said gadgets. These gadgets are used as a chain of little actions to form a greater malware, able to execute arbitrary code in the context of the program. The purpose of this thesis work is to present a practical use case of a Control Flow Integrity solution based on a Control Flow Monitor synthesized inside a reconfigurable hardware module. In this thesis, an ad-hoc firmware is uploaded onto a development board, the SEcubeTM, which integrates a microcontroller, an FPGA and a Smart Card Reader. In this scenario, the device communicates with a smartphone application via a BLE peripheral in order to perform its intended tasks. The application, though, can deliver a malicious payload which will hijack the program counter of the firmware. The final aim of this work is to show the different behaviour of the embedded system in presence or not of the Control Flow Integrity solution previously desribed.

Relators: Paolo Ernesto Prinetto
Academic year: 2020/21
Publication type: Electronic
Number of Pages: 54
Corso di laurea: Corso di laurea magistrale in Ingegneria Informatica (Computer Engineering)
Classe di laurea: New organization > Master science > LM-32 - COMPUTER SYSTEMS ENGINEERING
Aziende collaboratrici: UNSPECIFIED
URI: http://webthesis.biblio.polito.it/id/eprint/18133
Modify record (reserved for operators) Modify record (reserved for operators)