Jos Wetzels
Research Assistant with the Distributed and Embedded Security group (DIES) at the University of Twente
Talk Title
The RTOS Exploit Mitigation Blues
Talk Abstract
Memory corruption vulnerabilities have been around for decades. While the general-purpose world has seen an arms race develop around exploit mitigations, which has driven up the complexity and cost of exploit development, this is not the case in the embedded world. This is particularly evident in the real-time operating systems (RTOS) running on the most constrained embedded systems. Not only do these RTOSes lack any sort of modern exploit mitigations, but they also face a myriad of unique challenges and constraints that adversely affect the adoption of such mitigations. This is all the more worrisome given that they are used in some of the most critical systems (such as avionics, automotive, military or ICS equipment) and are becoming ever more ubiquitous with the rise of the so-called 'Internet of Things'.
In this talk we will present an overview of the current state of RTOS exploit mitigations, outline some of the challenges faced in developing and adopting exploit mitigations for RTOSes and discuss some solutions and promising research directions for raising the bar in embedded memory corruption exploitation.
Speaker Bio
Jos Wetzels is a Research Assistant with the Distributed and Embedded Security group (DIES) at the University of Twente. He currently works on projects aimed at hardening embedded systems used in critical infrastructure, where he focuses on binary security in general and exploit development and mitigation in particular. He has also been involved in research regarding on-the-fly detection and containment of unknown malware and Advanced Persistent Threats. He has assisted in teaching hands-on offensive security classes for graduate students at the Dutch Kerckhoffs Institute for several years.