Finding software bugs in embedded devices

Francillon, Aurélien; Thomas, Sam L.; Costin, Andrei
Book Chapter 11 of "Security of Ubiquitous Computing Systems", January 2021, ISBN: 978-3030105907


The goal of this chapter is to introduce the reader to the domain of bug discovery in embedded systems which are at the core of the Internet of Things. Embedded software has a number of particularities which makes it slightly different to general purpose software. In particular, embedded devices are more exposed to software attacks but have lower defense levels and are often left unattended. At the same time, analyzing their security is more difficult because they are very “opaque”, while the execution of custom and embedded software is often entangled with the hardware and peripherals. These differences have an impact on our ability to find software bugs in such systems. This chapter discusses how software vulnerabilities can be identified, at different stages of the software life-cycle, for example during development, during integration of the different components, during testing, during the deployment of the device, or in the field by third parties.


DOI
Type:
Ouvrage
Date:
2019-06-16
Department:
Sécurité numérique
Eurecom Ref:
5919
Copyright:
© Springer. Personal use of this material is permitted. The definitive version of this paper was published in Book Chapter 11 of "Security of Ubiquitous Computing Systems", January 2021, ISBN: 978-3030105907
 and is available at : https://doi.org/10.1007/978-3-030-10591-4_11

PERMALINK : https://www.eurecom.fr/publication/5919