基于mbed操作系统的Hypervisor微内核式微型安全内核.pdf

uVisor : tiny hypervisor/microkernel-like tiny security kernel at the foundation of mbed OS Jim Huang ( 黃敬群) <jserv > 張家榮 <JaredCJR> 開源操作系統技術年會 / Nov 28, 2015 Abstract • IoT systems require an effective security framework where application code, protocol stacks, firmware distribution and installation, key provisioning, device management and diagnosis even under targeted attacks. • This talk presents advanced security features in ARM mbed OS for ARM Cortex-M processor to secure firmware updates and the cloud communication. – how memory protection unit (MPU) is used in practice by developers on mbed OS to compartmentalize code and sensitive data while accelerating development. Attack! 你被USB 充電裝置出賣 Attack iOS through USB charger! • BlackHat 2013 – MACTANS: INJECTING MALWARE INTO IOS DEVICES VIA MALICIOUS CHARGERS – /us-13/briefings.html#Lau • "we demonstrate how an iOS device can be compromised within one minute of being plugged into a malicious charger. We first examine Apple’s existing security mechanisms to protect against arbitrary software installation, then describe how USB capabilities can be leveraged to bypass these defense mechanisms." 背叛你的USB Mass Storage 裝置 Plug and “Pray” • BlackHat 2014 BadUSB — On accessories that turn evil https://srlabs.de/badusb/ Keyboard emula[on is enough for infec[on and privilege escala[on (without need for software vulnerability)