Application security for embedded systems

Hagfjäll, Fredrik LU and Bäckman, Mikael (2017) EITM01 20171
Department of Electrical and Information Technology
Abstract
With the rise of the Internet of Things (IoT), accessories such as network-attached cameras, light bulbs and thermostats are all constantly connected to the Internet, and security concerns must be taken seriously. If a bug exists in an application, it could be exploited by a malicious adversary who could then harm the underlying system, leak information or attack other devices or networks.
Applications should not be allowed to damage the underlying system, and many isolation techniques exist for the general-purpose computer, but these solutions are not designed for the embedded world and need to be evaluated. This thesis compares isolation techniques in Linux for a specific embedded system and benchmarks performance and security. The thesis concludes that many isolation techniques do not work on embedded systems and that further work is needed to enable them. However, the best current solutions in this dissertation are Bubblewrap, Firejail and TOMOYO.
Popular Abstract
In all operating systems, applications should be executed in a fashion that has no possibility of harming the underlying operating system or other applications. This kind of protection already exists in many flavours for ordinary systems, but for use in embedded systems the existing protections have to be tested and evaluated regarding disk space usage, CPU usage and other limited resources. The solution proposed in this dissertation for achieving operating system protection is isolation of applications in a Linux environment.
The isolation part of this thesis is aimed at embedded systems. After elaborating the basics regarding how applications can be isolated in a Linux environment and what general threats exist for an isolation technique, the actual techniques are presented. Various tools exist in the Linux kernel that help to do this isolation, for example seccomp, capabilities and namespaces. However, these cannot provide enough isolation by themselves and should only be seen as parts of the operating system that will be used by more elaborate tools to achieve isolation.
Linux Security Modules is one of the more evolved candidates that can achieve this type of isolation, and since it is built into the kernel the possible benefits are large. Other solutions presented include containers and other tools that can be seen as sandboxes. In total, 11 different implementations were chosen to be described further and applied on the embedded system. However, not all of them turned out to be suited for our embedded system, and some could not be run for various reasons.
One crucial factor for the embedded system used in this thesis was the extra size required by the implementation, and two had to be discarded straight away since they required too much disk space to function. Other problems included unsupported architectures, lack of user space tools and lack of support for transferring an entire Linux file system to the embedded system. The thesis presents implementations that run on the system and recommendations on which one to use based on security evaluation and performance, but it also provides some valuable insight as to where the focus and continued work should be regarding implementations that did not run.
One conclusion of the thesis is that even though some isolation techniques are being used in embedded systems today, they might not work on the embedded system within the scope of this thesis. The reason for this is that embedded systems are so fundamentally different in architecture, available memory and use cases. The final recommendations of implementations that should be used are TOMOYO and Bubblewrap. TOMOYO is recommended since it adds almost no extra overhead and its user space tools are easy to use and activate. Bubblewrap is recommended since it isolates applications very easily and runs unprivileged, which means that if an isolation breakout is achieved the resulting damage to the system would be limited.
author: Hagfjäll, Fredrik LU and Bäckman, Mikael
organization: Department of Electrical and Information Technology
course: EITM01 20171
year: 2017
type: H2 - Master's Degree (Two Years)
keywords: linux, security, isolation, embedded systems
report number: LU/LTH-EIT 2017-566
language: English
id: 8905907
date added to LUP: 2017-04-21 15:24:38
date last changed: 2017-04-21 15:24:38
@misc{8905907,
  abstract     = {With the rise of Internet of Things (IoT) accessories such as network attached cameras, light bulbs and thermostats are all constantly connected to the Internet and security concerns must be taken seriously. If a bug exists in an application it could be hacked by a malicious adversary that then could harm the underlying system, leak information or attack other devices or networks.
Applications should not be allowed to damage the underlying system and there exists many isolation techniques for the general purpose computer, but these solutions are not designed for the embedded world and needs to be evaluated. This thesis compares isolation techniques in Linux for a specific embedded system and benchmarks performance and security. The thesis concludes that there are many non working isolation techniques for embedded systems and that further work is needed to enable them. However the best current solutions in this dissertation is Bubblewrap, Firejail and TOMOYO.},
  author       = {Hagfjäll, Fredrik and Bäckman, Mikael},
  keyword      = {linux,security,isolation,embedded systems},
  language     = {eng},
  note         = {Student Paper},
  title        = {Application security for embedded systems},
  year         = {2017},
}