Co-Processor Aided Attack on Embedded Multi-OS Environments

2013 International Conference on IT Convergence and Security (ICITCS) Pub Date : 2013-12-01 DOI:10.1109/ICITCS.2013.6717818

Pierre Schnarz, J. Wietzke, I. Stengel

{"title":"Co-Processor Aided Attack on Embedded Multi-OS Environments","authors":"Pierre Schnarz, J. Wietzke, I. Stengel","doi":"10.1109/ICITCS.2013.6717818","DOIUrl":null,"url":null,"abstract":"Within several domains of embedded computing, multi operating systems will be introduced in future. This is motivated by the need of fulfilling widespread requirements. Additionally, safety critical automotive domains add high demands on the security of such systems. Depending on the hardware architecture, it is possible to use several techniques to isolate systems. These are necessary for security reasons. Despite the state-of-the-art virtualization mechanisms, the idea of asymmetric-multiprocessing can be used to split a system's hardware resources, which makes the virtualization of hardware obsolete. However, independent devices like co-processors might add potential security risks. In this paper an attack vector is shown, which utilizes a co-processor to break through the isolation of an operating system domain. Using a multi operating system environment, we manipulate a co-processor in order to circumvent isolation mechanisms on behalf of an attacking operating system. The attack demonstrates an architectural demand to extend the virtualization capabilities of autarkic devices like co- processors.","PeriodicalId":420227,"journal":{"name":"2013 International Conference on IT Convergence and Security (ICITCS)","volume":"181 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2013-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2013 International Conference on IT Convergence and Security (ICITCS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICITCS.2013.6717818","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 1

Abstract

Within several domains of embedded computing, multi operating systems will be introduced in future. This is motivated by the need of fulfilling widespread requirements. Additionally, safety critical automotive domains add high demands on the security of such systems. Depending on the hardware architecture, it is possible to use several techniques to isolate systems. These are necessary for security reasons. Despite the state-of-the-art virtualization mechanisms, the idea of asymmetric-multiprocessing can be used to split a system's hardware resources, which makes the virtualization of hardware obsolete. However, independent devices like co-processors might add potential security risks. In this paper an attack vector is shown, which utilizes a co-processor to break through the isolation of an operating system domain. Using a multi operating system environment, we manipulate a co-processor in order to circumvent isolation mechanisms on behalf of an attacking operating system. The attack demonstrates an architectural demand to extend the virtualization capabilities of autarkic devices like co- processors.

查看原文本刊更多论文

嵌入式多操作系统环境的协处理器辅助攻击

在嵌入式计算的一些领域中，未来将引入多操作系统。这是出于满足广泛需求的需要。此外，安全关键的汽车领域对此类系统的安全性提出了很高的要求。根据硬件体系结构的不同，可以使用几种技术来隔离系统。出于安全考虑，这是必要的。尽管有最先进的虚拟化机制，但不对称多处理的思想可以用于分割系统的硬件资源，这使得硬件虚拟化过时了。然而，像协处理器这样的独立设备可能会增加潜在的安全风险。本文给出了一种利用协处理器突破操作系统域隔离的攻击向量。使用多操作系统环境，我们操纵协处理器以代表攻击操作系统规避隔离机制。这次攻击表明了一种架构需求，即扩展协同处理器等自给设备的虚拟化能力。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2013 International Conference on IT Convergence and Security (ICITCS)

自引率

0.00%

发文量