No Crash, No Exploit: Automated Verification of Embedded Kernels

11/30/2020
by Olivier Nicole, et al.

The kernel is the most safety- and security-critical component of many computer systems, because its most severe bugs lead to a complete system crash or to exploitation. It is therefore desirable to guarantee that a kernel is free from such bugs using formal methods, but the high cost and expertise this requires deter wide applicability. We propose a method that can verify both the absence of runtime errors (i.e., crashes) and the absence of privilege escalation (i.e., exploits) in embedded kernels, working directly from their binary executables. The method can verify the kernel runtime independently of the application, at the expense of only a few lines of simple annotations. When given a specific application, the method can verify simple kernels without any human intervention. We demonstrate our method on two different use cases: we use our tool to help develop a new embedded real-time kernel, and we verify an existing industrial real-time kernel executable without modification. Results show that the method is fast, simple to use, and can prevent real errors and security vulnerabilities.

Related research

research, 03/19/2020
Automatically Proving Microkernels Free from Privilege Escalation from their Executable
Operating system kernels are the security keystone of most computer syst...

research, 10/17/2017
Towards Linux Kernel Memory Safety
The security of billions of devices worldwide depends on the security an...

research, 01/06/2020
Runtime Verification of Linux Kernel Security Module
The Linux kernel is one of the most important Free/Libre Open Source Sof...

research, 04/24/2014
CoRE Kernels
The term "CoRE kernel" stands for correlation-resemblance kernel. In man...

research, 03/16/2019
MultiK: A Framework for Orchestrating Multiple Specialized Kernels
We present, MultiK, a Linux-based framework 1 that reduces the attack su...

research, 05/29/2021
ECMO: Peripheral Transplantation to Rehost Embedded Linux Kernels
Dynamic analysis based on the full-system emulator QEMU is widely used f...

research, 05/15/2023
BRF: eBPF Runtime Fuzzer
The eBPF technology in the Linux kernel has been widely adopted for diff...
