Nuttx for Embedded Linux Developers
Total Page:16
File Type:pdf, Size:1020Kb
Load more
Recommended publications
-
AMNESIA 33: How TCP/IP Stacks Breed Critical Vulnerabilities in Iot
AMNESIA:33 | RESEARCH REPORT How TCP/IP Stacks Breed Critical Vulnerabilities in IoT, OT and IT Devices Published by Forescout Research Labs Written by Daniel dos Santos, Stanislav Dashevskyi, Jos Wetzels and Amine Amri RESEARCH REPORT | AMNESIA:33 Contents 1. Executive summary 4 2. About Project Memoria 5 3. AMNESIA:33 – a security analysis of open source TCP/IP stacks 7 3.1. Why focus on open source TCP/IP stacks? 7 3.2. Which open source stacks, exactly? 7 3.3. 33 new findings 9 4. A comparison with similar studies 14 4.1. Which components are typically flawed? 16 4.2. What are the most common vulnerability types? 17 4.3. Common anti-patterns 22 4.4. What about exploitability? 29 4.5. What is the actual danger? 32 5. Estimating the reach of AMNESIA:33 34 5.1. Where you can see AMNESIA:33 – the modern supply chain 34 5.2. The challenge – identifying and patching affected devices 36 5.3. Facing the challenge – estimating numbers 37 5.3.1. How many vendors 39 5.3.2. What device types 39 5.3.3. How many device units 40 6. An attack scenario 41 6.1. Other possible attack scenarios 44 7. Effective IoT risk mitigation 45 8. Conclusion 46 FORESCOUT RESEARCH LABS RESEARCH REPORT | AMNESIA:33 A note on vulnerability disclosure We would like to thank the CERT Coordination Center, the ICS-CERT, the German Federal Office for Information Security (BSI) and the JPCERT Coordination Center for their help in coordinating the disclosure of the AMNESIA:33 vulnerabilities. -
B.Tech. CSE CBCS W.E.F. July, 2019
The Curriculum Book BACHELOR OF TECHNOLOGY I tn COMPUTER SCIENCE AND ENGINEERING FOUR YEAR PROGRAMME Choice Based Credit System vy. e. f. JuIy ZAlg (70:30) . ,_i 1 .I DEPARTMENT OF COMPUTER SCIENCE AI\D BNGINEERING GURU JAMBHESHWAR UNIVERSITY OF SCIENCE & TECHNOLOGY tr j HISAR.125OO1, HARYANA scheme & syllabi2019 GURU JAMBHESHWAR UNIVERSITY OF SCIENCE & TECHNOLOGY, HISAR (Established by state Legistature 'A',Grade,. Act 17 of lggs) NA.AC Accreditid state Govt. university Acad /AC-ilt,tFqc_1 Vot. 3DAlgJf 7 7 Dated: Ulfr:f To The Controller of Examinations GJUS&T, Hisar. sub: Approval of scheme of examination & syllabi of various B.Tech. progralle(sJ being run in university Teachiig Departments as welt as affil iated En g i neeri ng c oilege(s)/r nstitutelsy. AND Recommendations of Faculty Engineering open & Technology regarding Elective, Format of Minor Quu.ti;;-of papei Mooc strength for programme courses, minimum Erective, semester Registration etc. Sir, I am directed to inform you that the vice-chancellor, on the recommendations of the Faculty of Engineering & Technology, vide resolutions no. 2to 13 in its meeting held on 1B 07'2a19, is pleased to approve . the following scheme & syllabi of B.Tech. programme(s) w'e'f' the academic session batch / mentioned against each being run in University Teaching Departments as well as affiliated colleges/institutions and recommendations of Faculty of Engineering & Technolcgy, regarding open Elective, format of Minor Question Paper, Mooc courses, minimum strength for programme Elective' semester Registration etc under sectio n 11(5) in anticipation of approvat of the Acadenric councir of the University Act, 1995.- 1' B'Tech (Printing Technology), B Tec.h (Packaging Technology) (Printing & Packaging i""r'norogD-ath ""un',i""o,,,& B.Tech. -
TCP/IP Enabled Legos
TCP/IP enabled legOS Student research project University of applied sciences Hamburg March 3, 2002 Olaf Christ [email protected] 1 Abstract In recent years, the interest for connecting small devices such as sensors or embedded systems into an existing network infrastructure (such as the global Internet) has steadily increased. Such devices often have very limited CPU and memory resources and may not be able to run an instance of the TCP/IP protocol suite. This document describes how to use the uIP TCP/IP stack, written by Adam Dunkels, on LEGO’s RCX Mindstorm platform, a very small device / toy powered by a h8300 Hitachi microcontroller with very limited RAM (32K) and processing power. Still, it is powerful enough to run alternative operating systems such as LegOS or even a tiny Java VM as a replacement of the original firmware. The advanced user is usually not satisfied with the original firmware due to its extremely limited capabilities in terms of executing complex code and the very limited number of variables. The uIP TCP/IP stack is intended for embedded systems running on low-end 8 or 16-bit microcontrollers. The code size of uIP is an order of a magnitude smaller than similar generic TCP/IP stacks available today. The uIP code and an up-to-date version of the uIP documentation can be downloaded from the uIP homepage maintained by Adam Dunkels. 2 3 Preface This work has been carried out as a student research project at the University of applied sciences Hamburg in Hamburg, Germany. The proposal was given to me by my supervisor Prof. -
Evaluation of Open Source Operating Systems for Safety-Critical Applications Master’S Thesis in Embedded Electronic System Design
Evaluation of open source operating systems for safety-critical applications Master’s thesis in Embedded Electronic System Design Petter Sainio Berntsson Department of Computer Science and Engineering CHALMERS UNIVERSITY OF TECHNOLOGY UNIVERSITY OF GOTHENBURG Gothenburg, Sweden 2017 MASTER’S THESIS 2017 Evaluation of open source operating systems for Safety-critical applications Petter Sainio Berntsson Department of Computer Science and Engineering Chalmers University of Technology University of Gothenburg Gothenburg, Sweden 2017 Evaluation of open source operating systems for safety-critical applications Petter Sainio Berntsson © Petter Sainio Berntsson, 2017 Examiner: Per Larsson-Edefors Chalmers University of Technology Department of Computer Science and Engineering Academic supervisor: Jan Jonsson Chalmers University of Technology Department of Computer Science and Engineering Industrial supervisors: Lars Strandén RISE Research Institutes of Sweden Dependable Systems Fredrik Warg RISE Research Institutes of Sweden Dependable Systems Master’s Thesis 2017 Department of Computer Science and Engineering Chalmers University of Technology University of Gothenburg SE-412 96 Gothenburg Telephone +46(0) 31 772 1000 Abstract Today many embedded applications will have to handle multitasking with real-time time constraints and the solution for handling multitasking is to use a real-time operating system for scheduling and managing the real-time tasks. There are many different open source real-time operating systems available and the use of open source software for safety-critical applications is considered highly interesting by industries such as medical, aerospace and automotive as it enables a shorter time to market and lower development costs. If one would like to use open source software in a safety-critical context one would have to provide evidence that the software being used fulfills the requirement put forth by the industry specific standard for functional safety, such as the ISO 26262 standard for the automotive industry. -
D2.11 Report on RTOS Scheduling Revised
D2.11 Report on RTOS scheduling Revised Grant agreement no. 780785 Project acronym OFERA (micro-ROS) Project full title Open Framework for Embedded Robot Applications Deliverable number D2.11 Deliverable name Report on RTOS scheduling Date June 2020 Dissemination level public Workpackage and task WP2 - Task 2.4 Author Juan Flores Muñoz (eProsima) Contributors Francesca Finocchiaro (eProsima), Pablo Garrido Sanchez (eProsima) Keywords micro-ROS, robotics, ROS, microcontrollers, scheduling, real-time Abstract This document reviews the scheduling algorithms of- fered by the three RTOSes supported by micro-ROS and presents the scheduling architecture selected for the project. D2.11: Report on RTOS scheduling – Revised Contents 1 Summary 2 2 Acronyms and keywords 2 3 Introduction 2 4 Supported RTOS 2 4.1 NuttX ............................................. 3 4.2 FreeRTOS ........................................... 3 4.3 Zephyr ............................................ 4 5 Scheduling architecture 4 6 RTOS implementation 5 7 Conclusion and future steps. 5 1 D2.11: Report on RTOS scheduling – Revised 1 Summary This report is the sequel of the deliverable 2.10 (Report on RTOS scheduling-Initial) submitted in December 2018. Based on the previous deliverable, we will analyse the scheduling mechanisms that have been implemented within the micro-ROS project for each of the supported RTOSes, in order to achieve the required functionalities. 2 Acronyms and keywords Term Definition RTOS Real-Time Operating System OS Operating System DDS Data Distribution Service ROS Robot Operating System MCU Microcontroller unit AL Abstraction layer 3 Introduction Schedulers are software entities that manage the execution of processes using different techniques depending on the objectives. Their main task is to decide which process to execute at each time in the processing unit. -
MINITEE—A Lightweight Trustzone-Assisted TEE for Real-Time Systems
electronics Article MINITEE—A Lightweight TrustZone-Assisted TEE for Real-Time Systems Songran Liu 1,2 , Nan Guan 2, Zhishan Guo 3,* and Wang Yi 1 1 College of Computer Science and Engineering, Northeastern University, Shenyang 110819, China; [email protected] (S.L.); [email protected] (W.Y.) 2 Department of Computing, The Hong Kong Polytechnic University, Hong Kong 999077, China; [email protected] 3 Department of Electrical and Computer Engineering, University of Central Florida, Orlando, FL 32816-2362, USA * Correspondence: [email protected] Received: 31 May 2020; Accepted: 8 July 2020; Published: 11 July 2020 Abstract: While trusted execution environments (TEEs) provide industry standard security and isolation, TEE requests through secure monitor calls (SMCs) attribute to large time overhead and weakened temporal predictability. Moreover, as current available TEE solutions are designed for Linux and/or Android initially, it will encounter many constraints (e.g., driver libraries incompatible, large memory footprint, etc.) when integrating with low-end Real-Time Operating Systems, RTOSs. In this paper, we present MINITEE to understand, evaluate and discuss the benefits and limitations when integrating TrustZone-assisted TEEs with RTOSs. We demonstrate how MINITEE can be adequately exploited for meeting the real-time needs, while presenting a low performance overhead to the rich OSs (i.e., low-end RTOSs). Keywords: real-time system; ARM TrustZone; trusted execution environment 1. Introduction As real-time embedded systems become more complex and interconnected, certain sections or parts of the systems may need to be protected to prevent unauthorized access, or isolated to ensure functional/non-functional correctness. -
Linux+Zephyr: Iot Made Easy Iot Explodes Everywhere
Linux+Zephyr: IoT made easy IoT Explodes Everywhere ❑ “Sensors and actuators embedded in physical objects and linked through wired and wireless networks, often using the same Internet Protocol (IP) that connects the Internet” - Definition by McKinsey. ❑ Sounds just like embedded stuff we’ve been doing for decades! So what changed? ❑ Now there’s a big market and the world is just ‘ready’. ❑ Unfortunately there’s no standard (and probably will not be one for many decades), fragmentation is running amok. Linux IoT ❑ Around for many years and been doing IoT things with it before it had a cool name. ❑ All protocols have their reference implementation on Linux (AllJoyn, MQTT, Weave, XMPP, etc) ❑ Unfortunately Linux has gotten quite large ❑ Minimum kernel for embedded target > 4MB compressed ❑ Requires a few hundreds of GB of flash for a general purpose install. ❑ Not suitable for very small devices Price is everything ❑ If we could run Linux on everything you wouldn’t be in this presentation! ❑ Linux is secure (has years of scrutiny and professional security people go after every commit with a fine tooth comb). ❑ Linux has the full networking stack required. ❑ Linux has the I/O capabilities (every sensor/actuator driver) ❑ Unfortunately you can’t run Linux on $0.5 part. Price is everything (cont) ❑ Run IoT on a $0.5 part (ideally, we could do with $1) ❑ This is the sweet-spot for many applications ❑ Put a $50 device off premises and get lost or stollen, you might get a bit upset -> end up not buying it. ❑ Put a $1 device off premises and get lost or stollen -> meh. -
Final Report
Team 4 - Rescue Drone Final Report Members Alexandra Borgesen [email protected] Peter Burchell [email protected] Cody Campbell [email protected] Shawn Cho [email protected] Sarah Hood [email protected] Halil Yonter [email protected] Sponsor Mr. David F. Merrick Faculty Advisor Dr. Rodney Roberts Instructor Dr. Jerris Hooker Reviewers Dr. Bruce Harvey Dr. Simon Foo 04/21/2017 Team 4 Final Report Rescue Drone Executive Summary UAVs used by Florida State University’s Emergency Management and Homeland Security Program can autonomously scan an area, but will provide no feedback regarding image contents, nor do they have a user-friendly interface for interprocess communication. The multidisciplinary ECE Senior Design Team #4 was tasked with creating a new, unique UAV capable of scanning disaster zones and identifying unique objects of interest. Careful research and planning has led to an innovative flight control architecture. The final product features a powerful onboard computer capable of live image processing for object detection, with distinct algorithms for color filtering and pedestrian tracking. A conversion algorithm was also implemented for converting the UAV’s latitude and longitude data, which is read from the flight control hardware, into USNG format. An IP network governs all communication between the ground station and the UAV. In the pursuit of increasing autonomy and implementing computer vision, a reliable and consistent object detection remains integral to accomplishing this task. By analyzing an image in search of HSV values that satisfy a predetermined range of color, any region of pixels that comply with the given range is highlighted using the color filtering algorithm. -
Upkit: an Open-Source, Portable, and Lightweight Update Framework For
Paper published at the 39th IEEE International Conference on Distributed Computing Systems (ICDCS) in July 2019 UpKit: An Open-Source, Portable, and Lightweight Update Framework for Constrained IoT Devices Antonio Langiu, Carlo Alberto Boano, Markus Schuß, and Kay Romer¨ Institute of Technical Informatics, Graz University of Technology, Austria E-mail: [email protected]; [email protected]; [email protected]; [email protected] Abstract—Updating the software running on constrained IoT to embed some software update capabilities in the firmware devices such as low-power sensors and actuators in a secure and running on each IoT device [6], [7]. Such capabilities include, efficient way is an open problem. The limited computational, among others, the (over-the-air) download of the update image, memory, and storage capabilities of these devices, together with their small energy budget, indeed, restrict the number of features the verification of its integrity and authenticity, as well as its that can be embedded into an update system and make it installation [8]. All these steps should be performed while also difficult to build a generic and compact solution. As a minimizing the downtime of a device and its services. result, existing update systems for constrained IoT devices are often not portable, do not perform a proper verification of the Updating constrained IoT devices. Updating the software downloaded firmware, or focus only on a single phase of the running on constrained IoT devices, e.g., low-power sensors update process, which exposes them to security threats and calls and actuators [9], is still an open research problem [6], for new solutions. -
TCP/IP Library
XTCP (6.0.0) TCP/IP Library A library providing two alternative TCP/UDP/IP protocol stacks for XMOS devices. This library connects to the XMOS Ethernet library to provide layer-3 traffic over Ethernet via MII or RGMII. Features • TCP and UDP connection handling • DHCP, IP4LL, ICMP, IGMP support • Low level, event based interface for efficient memory usage • Supports IPv4 only, not IPv6 Stacks This library provides two different TCP/IP stack implementations ported to the xCORE architecture. uIP stack The first stack ported is the uIP (micro IP) stack. The uIP stack has been designed to have a minimal re- source footprint. As a result, it has limited performance and does not provide support for TCP windowing. lwIP stack The second stack ported is the lwIP (lightweight IP) stack. The lwIP stack requires more resources than uIP, but is designed to provide better throughput and also has support for TCP windowing. Typical Resource Usage This following table shows typical resource usage in some different configurations. Exact resource usage will depend on the particular use of the library by the application. Configuration Pins Ports Clocks Ram Logical cores UIP 0 0 0 ~25.7K 1 LWIP 0 0 0 ~63.6K 1 Software version and dependencies This document pertains to version 6.0.0 of this library. It is known to work on version 14.2.4 of the xTIMEcomposer tools suite, it may work on other versions. This library depends on the following other libraries: • lib_otpinfo (>=2.0.0) • lib_ethernet (>=3.2.0) Related application notes The following application notes use this library: • AN00121 - Using the XMOS TCP/IP library Copyright 2017 XMOS Ltd. -
How Embedded TCP/IP Stacks Breed Critical Vulnerabilities
How Embedded TCP/IP Stacks Breed Critical Vulnerabilities Daniel dos Santos, Stanislav Dashevskyi, Jos Wetzels, Amine Amri FORESCOUT RESEARCH LABS #BHEU @BLACKHATEVENTS Who we are • Daniel dos Santos, Research Manager • Stanislav Dashevskyi, Security Researcher • Jos Wetzels, Security Researcher • Amine Amri, Security Researcher “At Forescout Research Labs we analyze the security implications of hyper connectivity and IT-OT convergence.” FORESCOUT RESEARCH LABS 2 #BHEU @BLACKHATEVENTS Outline • Project Memoria • AMNESIA:33 - vulnerabilities on open-source TCP/IP stacks • Analysis of TCP/IP stack vulnerabilities o Affected components o Vulnerability types & Anti-patterns o Exploitability & Impact • The consequences of TCP/IP stack vulnerabilities • Conclusion & what comes next FORESCOUT RESEARCH LABS 3 #BHEU @BLACKHATEVENTS Project Memoria FORESCOUT RESEARCH LABS 4 #BHEU @BLACKHATEVENTS Project Memoria • Goal: large study of embedded TCP/IP stack security o Why are they vulnerable? How are they vulnerable? What to do about it? o Quantitative and qualitative o Forescout Research Labs and other collaborations 1990s 2020 FORESCOUT RESEARCH LABS 5 #BHEU @BLACKHATEVENTS Embedded Systems Supply chain http://smartbox.jinr.ru/doc/chip-rtos/software.htm Applications / System Distributer / Components Devices Connectivity End User Services Integration Reseller • MCU • IP Cam • Cellular • Library • SoC • Router • LPWAN • Daemon • Modem • ECU • Wi-Fi • Platform FORESCOUT RESEARCH LABS 6 #BHEU @BLACKHATEVENTS Why target protocol stacks? • Wide deployment -
Unmanaged Internet Protocol Taming the Edge Network Management Crisis
Unmanaged Internet Protocol Taming the Edge Network Management Crisis Bryan Ford Massachusetts Institute of Technology Abstract Though appropriate for core Internet infrastructure, the Inter- net Protocol is unsuited to routing within and between emerg- ing ad-hoc edge networks due to its dependence on hierarchi- cal, administratively assigned addresses. Existing ad-hoc rout- ing protocols address the management problem but do not scale to Internet-wide networks. The promise of ubiquitous network computing cannot be fulfilled until we develop an Unmanaged Internet Protocol (UIP), a scalable routing protocol that man- Figure 1: Today’s Internetworking Challenges ages itself automatically. UIP must route within and between constantly changing edge networks potentially containing mil- lions or billions of nodes, and must still function within edge naming, and management protocols, have evolved around networks disconnected from the main Internet, all without im- the requirements of core network infrastructure: corpo- posing the administrative burden of hierarchical address assign- rate, academic, and government networks deployed and ment. Such a protocol appears challenging but feasible. We managed by skilled network administrators. IP’s hierar- propose an architecture based on self-certifying, cryptographic node identities and a routing algorithm adapted from distributed chical address architecture in particular is fundamentally hash tables. dependent on skilled network management. Current ad- hoc networking protocols by themselves are not sufficient either, because they are only scalable to local-area net- 1 Introduction work sizes of a few hundreds or thousands of nodes. To achieve ubiquitous network computing, we need an The promise of ubiquitous computing is that people will Unmanaged Internet Protocol, or UIP, that combines the soon routinely own many “smart” networked devices, self-management of ad-hoc networks with the scalability some mobile, others perhaps built into their homes and of IP.