Biblio
Filters: Keyword is Xtensa [Clear All Filters]
.
2022. Return-Oriented Programming Gadget Catalog for the Xtensa Architecture. 2022 IEEE International Conference on Pervasive Computing and Communications Workshops and other Affiliated Events (PerCom Workshops). :655–660.
This paper shows that the modern high customizable Xtensa architecture for embedded devices is exploitable by Return-Oriented Programming (ROP) attacks. We used a simple Hello-World application written with the RIOT OS as an almost minimal code basis for determining if the number of gadgets that can be found in this code base is sufficient to build a reasonably complex attack. We determined 859 found gadgets which are sufficient to create a gadget catalog for the Xtensa. Despite the code basis used being really small, the presented gadget catalog provides Turing completeness, which allows an arbitrary computation of any exploit program.
.
2022. Combination of ROP Defense Mechanisms for Better Safety and Security in Embedded Systems. 2022 25th Euromicro Conference on Digital System Design (DSD). :480–487.
Control flow integrity (CFI) checks are used in desktop systems, in order to protect them from various forms of attacks, but they are rarely investigated for embedded systems, due to their introduced overhead. The contribution of this paper is an efficient software implementation of a CFI-check for ARM-and Xtensa processors. Moreover, we propose the combination of this CFI-check with another defense mechanism against return-oriented-programming (ROP). We show that by this combination the security is significantly improved. Moreover, it will also in-crease the safety of the system, since the combination can detect a failed ROP-attack and bring the system in a safe state, which is not possible when using each technique separately. We will also report on the introduced overhead in code size and run time.