Full Text Available
Note: Clicking the button above will open the full text document at the original institutional repository in a new window.
Towards securing software of embedded Linux devices
Thesis (MEng)--Stellenbosch University, 2014.
Saved in:
| Main Author: | |
|---|---|
| Other Authors: | |
| Format: | Thesis |
| Language: | en_ZA |
| Published: |
Stellenbosch : Stellenbosch University
2015
|
| Subjects: | |
| Tags: |
No Tags, Be the first to tag this record!
|
| _version_ | 1867613942517334016 |
|---|---|
| access_status_str | Open Access |
| author | Van Tonder, Rijnard |
| author2 | Engelbrecht, H. A. |
| author_browse | Engelbrecht, H. A. Van Tonder, Rijnard |
| author_facet | Engelbrecht, H. A. Van Tonder, Rijnard |
| author_sort | Van Tonder, Rijnard |
| collection | Thesis |
| dc_rights_str_mv | Stellenbosch University |
| description | Thesis (MEng)--Stellenbosch University, 2014. |
| format | Thesis |
| id | oai:scholar.sun.ac.za:10019.1/95773 |
| institution | Stellenbosch University (South Africa) |
| language | en_ZA |
| last_indexed | 2026-06-10T12:44:09.875Z |
| license_str | Other — see source repository |
| provenance_str_mv | Harvested via OAI-PMH from SUNScholar — Stellenbosch University Repository |
| publishDate | 2015 |
| publishDateRange | 2015 |
| publishDateSort | 2015 |
| publisher | Stellenbosch : Stellenbosch University |
| publisherStr | Stellenbosch : Stellenbosch University |
| record_format | dspace |
| source_str | SUNScholar — Stellenbosch University Repository |
| spelling | oai:scholar.sun.ac.za:10019.1/95773 Towards securing software of embedded Linux devices Van Tonder, Rijnard Engelbrecht, H. A. Stellenbosch University. Faculty of Engineering. Dept. of Electrical and Electronic Engineering. Embedded computer systems Linux device drivers (Computer programs) USB (Computer bus) Computer software -- Development UCTD Thesis (MEng)--Stellenbosch University, 2014. ENGLISH ABSTRACT: As Embedded devices continue to proliferate, there is a rising concern surrounding the security that these increasingly complex and capable devices provide. Software development processes are successfully employed to address security in desktop operating systems and applications, yet there is no widely accepted security process for embedded systems. In this thesis, we demonstrate how security of embedded Linux devices may be improved by considering 12 well-chosen case studies that exemplify methods advocated by established secure software development processes. Specifically, we derive highlevel methods from a comparative study of two well-known security processes: The Microsoft Security Development Lifecycle (SDL) and the OWASP Comprehensive Lightweight Application Security Process (CLASP), and use these to evaluate embedded Linux devices. These methods, namely, attack surface analysis, threat modeling, and security testing, drive the assessment techniques that enable vulnerability discovery and analysis covered in our case studies. We apply and investigate these techniques in terms of attacks that pertain to three common elements of a typical embedded Linux device, that is, operating system, network, and Universal Serial Bus (USB) attacks. During assessment, a number of new security vulnerabilities are discovered in these attack surfaces, demonstrating the effectiveness of our approach. Moreover, we develop a novel, publicly available USB fuzz testing framework for discovering USB vulnerabilities. Our final contribution culminates in six concrete, actionable recommendations based on our case studies for improving embedded security. Interestingly, our recommendations correlate with those advocated by security expert Gary McGraw, but with the added benefit of being substantiated by concrete case study analyses in the embedded space. AFRIKAANSE OPSOMMING: Soos toegewyde toestelle voortgaan om te vermenigvuldig, is daar ’n toenemende kommer rondom die sekuriteit wat hulle bied. Al word sagtewareontwikkeling prosesse suksesvol toegepas op gewone rekenaars en programme, bestaan daar nie ’n aanvaarde sekuriteitsproses vir toegewyde stelsels nie. In hierdie tesis wys ons hoe die sekuriteits aspekte van toegewyde Linux stelsels verbeter kan word deur middel van 12 gevallestudies, waarin ons gevestigde sagteware-ontwikkeling proses metodes toepas. Ons begin deur twee bekende sekuriteit prosesse te vergelyk: die Microsoft Security Development Lifecycle (SDL) en die OWASP Comprehensive Lightweight Application Security Process (CLASP). Hiermee kies ons metodes wat van toepassing is om die sekuriteit van toegewyde Linux toestelle te evalueer. Die metodes, naamlik aanval oppervlak analise, bedreigingsmodellering, en toegepaste veiligheidsevalueering word gebruik om sekuriteits foute te ontdek en te analiseer in ons gevallestudies. Verder neem ons drie elemente in ag van toegewyde Linux toestalle wat tipies aangeval word, naamlik, die bedryfstelsel, netwerk, en USB oppervlaktes. Gedurende assessering is ’n aantal nuwe sekuriteit probleme ontdek in hierdie aanval oppervlaktes, wat die doeltreffendheid toon van ons benadering. Verder ontwikkel ons ’n nuwe USB toetsraamwerk om sekuriteits foute te ontdek, wat boonop aan die publiek beskikbaar gemaak is. Ons finale bydrae is ses konkrete aanbevelings vir die verbetering van sekuriteit in toegewyde stelsels, wat ontwikkel is op grond van ons gevallestudies. Interessant genoeg, ons aanbevelings stem ooreen met dié bepleit deur sekuriteit deskundige Gary McGraw, maar met die addisionele voordeel dat dit gebaseer is op konkrete gevallestudies in die veld van toegewyde stelsels. 2015-01-13T11:46:49Z 2016-01-01T03:00:15Z 2014-12 Thesis http://hdl.handle.net/10019.1/95773 en_ZA Stellenbosch University application/pdf application/pdf Stellenbosch : Stellenbosch University |
| spellingShingle | Embedded computer systems Linux device drivers (Computer programs) USB (Computer bus) Computer software -- Development UCTD Van Tonder, Rijnard Towards securing software of embedded Linux devices |
| title | Towards securing software of embedded Linux devices |
| title_full | Towards securing software of embedded Linux devices |
| title_fullStr | Towards securing software of embedded Linux devices |
| title_full_unstemmed | Towards securing software of embedded Linux devices |
| title_short | Towards securing software of embedded Linux devices |
| title_sort | towards securing software of embedded linux devices |
| topic | Embedded computer systems Linux device drivers (Computer programs) USB (Computer bus) Computer software -- Development UCTD |
| url | http://hdl.handle.net/10019.1/95773 |
| work_keys_str_mv | AT vantonderrijnard towardssecuringsoftwareofembeddedlinuxdevices |