Visible to the public On Runtime Software Security of TrustZone-M Based IoT Devices

TitleOn Runtime Software Security of TrustZone-M Based IoT Devices
Publication TypeConference Paper
Year of Publication2020
AuthorsLuo, Lan, Zhang, Yue, Zou, Cliff, Shao, Xinhui, Ling, Zhen, Fu, Xinwen
Conference NameGLOBECOM 2020 - 2020 IEEE Global Communications Conference
Date Publisheddec
Keywordscomposability, encoding, human factors, Internet of Things, Malware, microcontroller, Payloads, pubcrawl, Random access memory, Resiliency, rop attacks, Runtime, Scalability, security, software security, TrustZone
AbstractInternet of Things (IoT) devices have been increasingly integrated into our daily life. However, such smart devices suffer a broad attack surface. Particularly, attacks targeting the device software at runtime are challenging to defend against if IoT devices use resource-constrained microcontrollers (MCUs). TrustZone-M, a TrustZone extension for MCUs, is an emerging security technique fortifying MCU based IoT devices. This paper presents the first security analysis of potential software security issues in TrustZone-M enabled MCUs. We explore the stack-based buffer overflow (BOF) attack for code injection, return-oriented programming (ROP) attack, heap-based BOF attack, format string attack, and attacks against Non-secure Callable (NSC) functions in the context of TrustZone-M. We validate these attacks using the Microchip SAM L11 MCU, which uses the ARM Cortex-M23 processor with the TrustZone-M technology. Strategies to mitigate these software attacks are also discussed.
DOI10.1109/GLOBECOM42002.2020.9322370
Citation Keyluo_runtime_2020