SECA: security-enhanced communication architecture
Proceedings of the 2005 international conference on Compilers, architectures and synthesis for embedded systems
Proceedings of the 43rd annual Design Automation Conference
Protection strategies for direct access to virtualized I/O devices
ATC'08 USENIX 2008 Annual Technical Conference on Annual Technical Conference
Secure Memory Accesses on Networks-on-Chip
IEEE Transactions on Computers
Multi-compartment: a new architecture for secure co-hosting on SoC
SOC'09 Proceedings of the 11th international conference on System-on-chip
SIGMA System: A Multi-OS Environment for Embedded Systems
Journal of Signal Processing Systems
Hi-index | 0.00 |
Multi-operating systems have been introduced to manage the manifold requirements of embedded systems. Especially in safety critical environments like the automotive domain the system's security must be guaranteed. Despite the state-of-the-art virtualization mechanisms, the idea of asymmetric-multi-processing can be used to split a system's hardware resources, which makes the virtualization of hardware obsolete. However, this special technique to implement a multi-operating system might add special demands to security objectives like isolation. In this paper an attack vector is shown, which utilizes a co-processor to break through the isolation of an operating system domain. Using a multi-operating system environment, we inject a malicious firmware into the co-processor in order to circumvent isolation mechanisms on behalf of an attacking operating system. Our attack vector demonstrates weaknesses in CPU centric isolation mechanisms, which will be further presented in the remainder of the document.