Securing IoT and Embedded Systems with the Hypervisor
As embedded and IoT devices increase in complexity, the opportunities for software vulnerabilities also increase. Hackers have already demonstrated taking control of a running vehicle remotely by attacking its infotainment system. Yet many of these devices never receive software updates. Often the most complex (hence most vulnerable) components on a device, such as the car's infotainment system, are not the most critical ones, but they are not adequately isolated from the life-critical functions. A vulnerability in Android could therefore have severe consequences for every passenger in the vehicle.
This presentation will explain the concept of attack surface and introduce fundamental principles of software security such as security by compartmentalization and privilege separation. We will describe how to apply these principles to the design of an embedded system's software stack. A good architecture minimizes the consequences of a vulnerability in the weakest components by preventing an attacker who compromises them from pivoting to the rest of the system.
Modern hypervisors were born to run multiple operating system instances on a single machine. They enabled the success of the cloud. Today, they are key to the security of IoT and embedded systems, as they enforce isolation between multiple components on a single device. They are used for partitioning the hardware into different criticality domains. For example, the hypervisor is the component that could have separated the infotainment system from more critical software with CAN bus access, preventing the attackers from taking control of the vehicle.
This talk will discuss the requirements that hypervisors have to meet to be a suitable solution in embedded and IoT scenarios, and compare them with traditional server and cloud utilization models. It will go into detail on the hypervisor features needed to meet these requirements, such as real-time support and hardware partitioning, and explain how to use them to build secure embedded solutions. We will show a small selection of real-world deployments of open source hypervisors (Xen Project in particular) as practical examples.
Until recently, building secure hypervisor-based embedded systems required numerous manual steps. New developments have introduced powerful tools that make it easy to assemble secure-by-default embedded software stacks; they are game-changers for IoT security. We will cover the most promising efforts in this space and show the audience how to use them.
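As an added illustration (not part of the talk or of the Xen Project's own documentation), the partitioning described above written as two Xen `xl` domain configuration files, shown here one after the other under comment headers. The keys used (`kernel`, `ramdisk`, `memory`, `vcpus`, `cpus`, `vif`, `disk`, `dtdev`, `iomem`, `irqs`, `device_tree`) are the documented xl.cfg options; the kernel paths, the device-tree node `/soc/can@40006400`, the MMIO page `40006`, the interrupt `52`, the bridge name and the block device are placeholders for a hypothetical ARM board and would have to come from the real board's device tree.

```cfg
# --- infotainment.cfg: the large, network-exposed stack (assumed Android/Linux guest) ---
# Deliberately no dtdev, iomem or irqs entries: this domain is never given a mapping of
# the CAN controller, so compromising it does not by itself reach the bus.
name    = "infotainment"
kernel  = "/boot/infotainment-Image"          # placeholder path
ramdisk = "/boot/infotainment-initrd"         # placeholder path
memory  = 2048
vcpus   = 2
cpus    = "2-3"                               # pinned away from the core owned by the safety domain
vif     = [ "bridge=xenbr0" ]                 # cellular / Wi-Fi uplink via a bridge in dom0 (placeholder name)
disk    = [ "/dev/mmcblk0p3,raw,xvda,rw" ]    # placeholder block device: target,format,vdev,access

# --- can-gateway.cfg: small, high-criticality domain that owns the CAN controller ---
name        = "can-gateway"
kernel      = "/boot/can-gateway.elf"         # placeholder: a small RTOS or bare-metal firmware image
memory      = 64
vcpus       = 1
cpus        = "1"                             # dedicated physical core, no scheduling interference from other guests
# Direct device assignment (ARM device-tree passthrough; the device must sit behind the SMMU):
dtdev       = [ "/soc/can@40006400" ]         # placeholder: absolute node path in the host device tree
iomem       = [ "40006,1" ]                   # placeholder: 1 page of controller MMIO, start given as hex page frame number
irqs        = [ 52 ]                          # placeholder: the controller's interrupt line
device_tree = "/boot/can-gateway-passthrough.dtb"  # partial device tree that describes the passed-through node to the guest
```

Two points a practitioner would check before trusting this layout. First, the isolation of the CAN controller holds only if the hypervisor enforces it in hardware: the MMIO range must be mapped into exactly one domain and DMA from the controller must go through the IOMMU (SMMU on ARM), which is what `dtdev` relies on. Second, the domain that backs the infotainment guest's `vif` and `disk` (dom0 here, or a dedicated driver domain) is still part of the trusted computing base, so keeping it small matters as much as the split shown above. For hard real-time guarantees beyond CPU pinning, the safety domain would additionally be placed in its own cpupool with a real-time scheduler such as RTDS, which is configured with `xl` at runtime rather than in these files.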