scholarly journals Finding Software Bugs in Embedded Devices

2021 ◽  
pp. 183-197
Author(s):  
Aurélien Francillon ◽  
Sam L. Thomas ◽  
Andrei Costin
Keyword(s):  
Embedded Software ◽  
General Purpose ◽  
Software Life Cycle ◽  
Embedded Devices ◽  
Software Vulnerabilities ◽  
Software Bugs ◽  
The Core ◽  
Software Attacks ◽  
The Internet Of Things ◽  
General Purpose Software

AbstractThe goal of this chapter is to introduce the reader to the domain of bug discovery in embedded systems which are at the core of the Internet of Things. Embedded software has a number of particularities which makes it slightly different to general purpose software. In particular, embedded devices are more exposed to software attacks but have lower defense levels and are often left unattended. At the same time, analyzing their security is more difficult because they are very “opaque”, while the execution of custom and embedded software is often entangled with the hardware and peripherals. These differences have an impact on our ability to find software bugs in such systems. This chapter discusses how software vulnerabilities can be identified, at different stages of the software life-cycle, for example during development, during integration of the different components, during testing, during the deployment of the device, or in the field by third parties.

Automatic Vulnerability Detection in Embedded Devices and Firmware

2021 ◽  
Vol 54 (2) ◽  
pp. 1-42
Author(s):  
Abdullah Qasem ◽  
Paria Shirani ◽  
Mourad Debbabi ◽  
Lingyu Wang ◽  
Bernard Lebel ◽  
...  
Keyword(s):  
Embedded Systems ◽  
Symbolic Execution ◽  
Vital Role ◽  
Security And Privacy ◽  
Embedded Devices ◽  
Security Vulnerabilities ◽  
Future Directions ◽  
Hybrid Approaches ◽  
Wide Range ◽  
The Internet Of Things

In the era of the internet of things (IoT), software-enabled inter-connected devices are of paramount importance. The embedded systems are very frequently used in both security and privacy-sensitive applications. However, the underlying software (a.k.a. firmware) very often suffers from a wide range of security vulnerabilities, mainly due to their outdated systems or reusing existing vulnerable libraries; which is evident by the surprising rise in the number of attacks against embedded systems. Therefore, to protect those embedded systems, detecting the presence of vulnerabilities in the large pool of embedded devices and their firmware plays a vital role. To this end, there exist several approaches to identify and trigger potential vulnerabilities within deployed embedded systems firmware. In this survey, we provide a comprehensive review of the state-of-the-art proposals, which detect vulnerabilities in embedded systems and firmware images by employing various analysis techniques, including static analysis, dynamic analysis, symbolic execution, and hybrid approaches. Furthermore, we perform both quantitative and qualitative comparisons among the surveyed approaches. Moreover, we devise taxonomies based on the applications of those approaches, the features used in the literature, and the type of the analysis. Finally, we identify the unresolved challenges and discuss possible future directions in this field of research.

scholarly journals A Guideline on Pseudorandom Number Generation (PRNG) in the IoT

2021 ◽  
Vol 54 (6) ◽  
pp. 1-38
Author(s):  
Peter Kietzmann ◽  
Thomas C. Schmidt ◽  
Matthias Wählisch
Keyword(s):  
General Purpose ◽  
Packet Transmission ◽  
Limited Resources ◽  
Systematic Evaluation ◽  
The Internet ◽  
Random Numbers ◽  
Essential Input ◽  
Attack Surface ◽  
Pseudorandom Number Generation ◽  
The Internet Of Things

Random numbers are an essential input to many functions on the Internet of Things (IoT). Common use cases of randomness range from low-level packet transmission to advanced algorithms of artificial intelligence as well as security and trust, which heavily rely on unpredictable random sources. In the constrained IoT, though, unpredictable random sources are a challenging desire due to limited resources, deterministic real-time operations, and frequent lack of a user interface. In this article, we revisit the generation of randomness from the perspective of an IoT operating system (OS) that needs to support general purpose or crypto-secure random numbers. We analyze the potential attack surface, derive common requirements, and discuss the potentials and shortcomings of current IoT OSs. A systematic evaluation of current IoT hardware components and popular software generators based on well-established test suits and on experiments for measuring performance give rise to a set of clear recommendations on how to build such a random subsystem and which generators to use.

A General-Purpose Software for Menu Design of CAD Projects

1993 ◽  
Author(s):  
Y. C. Pao
Keyword(s):  
Software Package ◽  
Computer Programs ◽  
General Purpose ◽  
Final Report ◽  
Sample Design ◽  
Main Menu ◽  
Sample Application ◽  
User Friendly ◽  
Four Bar Linkage ◽  
General Purpose Software

Abstract A software package MenuCAD has been developed for the general need of designing menu-driven, user-friendly CAD computer programs. The main menu is formatted similar to the major contents in the final report of the design project including Contents, Analysis, Sample Design Cases, Illustrations and Tables, References, and Program Listings. Sub-menus are further divided into items delineating the steps involved in the design. Screen help messages are provided for design of the main menu and sub-menus interactively and for applying the arrow keys on the keyboard to select a sub-menus and a particular item in the sub-menu in order to execute a desired design step. MenuCAD builds the framework, its user has to supplement with a subroutine ExecItem for describing the special features and for directing how each design step should be executed in the project. A CAD design of four-bar linkage project is presented as a sample application of this package.

General purpose software for probability computations?A virtual machine approach

1986 ◽  
Vol 1 (3) ◽  
pp. 161-173
Author(s):  
Maria Adelaide Parisi ◽  
Daniel R. Rehak
Keyword(s):  
Virtual Machine ◽  
General Purpose ◽  
General Purpose Software

scholarly journals Development of an IoT System for Environmental Monitoring: Software

2021 ◽  
Author(s):  
Benjamin Secker
Keyword(s):  
Environmental Monitoring ◽  
Low Cost ◽  
Proof Of Concept ◽  
Embedded Devices ◽  
Data Loggers ◽  
Environmental Monitoring System ◽  
Use Of The Internet ◽  
High Level ◽  
Monitoring Software ◽  
The Internet Of Things

Use of the Internet of Things (IoT) is poised to be the next big advancement in environmental monitoring. We present the high-level software side of a proof-of-concept that demonstrates an end-to-end environmental monitoring system,<br><div>replacing Greater Wellington Regional Council’s expensive data loggers with low-cost, IoT centric embedded devices, and it’s supporting cloud platform. The proof-of-concept includes a Micropython-based software stack running on an ESP32 microcontroller. The device software includes a built-in webserver that hosts a responsive Web App for configuration of the device. Telemetry data is sent over Vodafone’s NB-IoT network and stored in Azure IoT Central, where it can be visualised and exported.</div><br>While future development is required for a production-ready system, the proof-of-concept justifies the use of modern IoT technologies for environmental monitoring. The open source nature of the project means that the knowledge gained can be re-used and modified to suit the use-cases for other organisations.

IoT Based Heart Attack Detection, Heart Rate and Temperature Monitor

2019 ◽  
Vol 1 (6) ◽  
pp. 61-70
Author(s):  
Vaishnave A.K ◽  
Jenisha S.T ◽  
Tamil Selvi S
Keyword(s):  
Heart Attack ◽  
Attack Detection ◽  
Embedded Devices ◽  
Web Based ◽  
Medical Sensors ◽  
High Bandwidth ◽  
Temperature Monitor ◽  
Networking Technologies ◽  
User Friendly ◽  
The Internet Of Things

The Internet of Things (IoT) is inter communication of embedded devices using networking technologies. The IoT will be one of the important trends in future; can affect the networking, business and communication. In this paper, proposing a remote sensing parameter of the human body which consists of pulse and temperature. The parameters that are used for sensing and monitoring will send the data through wireless sensors. Adding a web based observing helps to keep track of the regular status of patient. The sensing data will be continuously collected in a database and will be used to inform patient to any unseen problems to undergo possible diagnosis. Experimental results prove the proposed system is user friendly, reliable, economical. IoT typically expected to propose the advanced high bandwidth connectivity of embedded devices, systems and services which goes beyond machine –to – machine (M2M) context. The advanced connectivity of devices aide in automation is possible in nearly all field. Everyone today is so busy in their lives; even they forget to take care of their health. By keeping all these things in minds, technology really proves to be an asset for an individual. With the advancement in technology, lots of smart or medical sensors came into existence that continuously analyzes individual patient activity and automatically predicts a heart attack before the patient feels sick.

Sign in / Sign up

Export Citation Format

Share Document