We're sorry but this page doesn't work properly without JavaScript enabled. Please enable it to continue.
Feedback

Your Peripheral Has Planted Malware - An Exploit of NXP SOCs

Formal Metadata

Title
Your Peripheral Has Planted Malware - An Exploit of NXP SOCs
Title of Series
Number of Parts
322
Author
License
CC Attribution 3.0 Unported:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor.
Identifiers
Publisher
Release Date2018
LanguageEnglish

Content Metadata

Subject Area
Genre
Abstract
There are billions of ARM Cortex M based SOC being deployed in embedded systems. Most of these devices are Internet ready and definitely security is always the main concern. Vendors would always apply security measurements into the ARM Cortex M product for few major reasons: 1) People will not be able to copy and replicate the product; 2) License control for the hardware and software; 3) Prevent malicious code injection in to the firmware. Vendors normally rely on the security measurements built within the chip (unique ID number/signature) or security measurements built around the chip (secure boot). In this talk, we will share the ARM Cortex M SOC vulnerability that we discovered and it will be two parts: The first is security measurement build within the SOC and how we break it. We could gain control of changing the SOC unique ID and write the firmware or even turn the device into a trojan or bot. The second is security measure built around the SOC and how we break the Secure Boot elements and write into the firmware.