Injecting Security Features into Constrained Embedded Firmware
The project aims to provide automated approaches to implant security features into connected embedded system to counter the lack of security features in the IoT.
Within the last decade, emerging use-cases like “Ambient Assistive Technologies“, “Car2X“ communication, “Smart Homes“, “Smart Cities“ and Industry 4.0 transformed computer systems to ubiquitous companions in our daily lives. The inevitable interconnection of these devices is better known as Internet of Things (IoT). The vast majority of the IoT is made up of computing devices that are highly specialized for their particular purpose. These devices are called embedded systems. Due to their specialization and the thereof resulting constraints such as energy consumption and the deterministic fulfillment of deadlines (real-time requirements), many embedded systems cannot be equipped with a standard operating system for embedded devices like Windows IoT Core, or Linux. As a consequence, a plethora of computers in the IoT lack a sufficient amount of security features that are common in standard operating systems. However, the retrofitting all available software for embedded systems at a source level is clearly illusive due to the high degree of software- (systems with special operating systems, or without operating systems) and hardware diversity (different processor architectures, memory sizes, additional hardware).
Together with the IoT startup Riddle & Code, who’s aim is to provide an interface between embedded systems and blockchain technology, SBA Research and the FH Technikum Wien pursuit a novel approach based on binary rewriting to retrofit already existing IoT systems in order to make them more resilient against unauthorized access attempts.
- The project is led by SBA Research.
This project is funded by the FFG.