Learn how it is possible to prove low-level software component and TEE security, as well as the Goodix driver example demoed in the webinar.
Check out the webinar replay here: https://www.youtube.com/watch?v=nG3DlejBd3k
Visit our website trust-in-soft.com for more information!
Towards 0-bug software in the automotive industry - Ashley Zupkus
What are the software safety and security standards that software developers in the automotive industry need to meet? How can safe, secure code be developed in accordance with the industry norms like ISO 26262, ISO 21434, and SOTIF? Experts specialized in the automotive industry will answer all your questions in this webinar dedicated to automotive software safety and security.
1. Latest safety and security standards for automotive software (ISO 26262, ISO 21434, and SOTIF) and how they impact software developers' work - Amin Amini, CertX
2. How to implement coding best practices to ensure the highest levels of safety & security in software in autonomous vehicles - Arnaud Telinge, EasyMile
3. How can code analysis tools be leveraged to help reach ISO 26262 and ISO 21434 demands more efficiently - Fabrice Derepas, TrustInSoft
Safety Verification and Software aspects of Automotive SoC - Pankaj Singh
IP-SoC Conference 2017 Grenoble
The automotive industry has evolved over the last 100 years. Electronic systems were introduced into the automotive industry in 1960. Since then the complexity has grown manyfold, and today's automobiles have as many as 150 programmable computing elements or Electronic Control Units (ECUs) with several wiring connections. The software content has also increased significantly, with today's car having more than 100 million lines of software code.
This increased hardware and software complexity increases the risk of failures that could negatively impact vehicle safety. This has led to concerns regarding the validation of failure modes and the detection mechanisms. Car makers and suppliers need to prove that, despite increasing complexity, their electronic systems will deliver the required functionality safely and reliably.
This presentation describes the challenges and methodology related to safety verification and software development aspects of automotive microcontroller SoCs.
This document provides 10 facts comparing Check Point's cybersecurity solutions to those of competitors like Cisco, FireEye, Fortinet, and Palo Alto Networks. The key points summarized are:
1) Check Point has received the most "Recommended" ratings from independent testing firm NSS Labs, indicating high security effectiveness and value.
2) Some competitor solutions allow malware to enter networks for 5 minutes before inspection, whereas Check Point inspects all traffic immediately.
3) Check Point inspects PDF files up to 100MB in size while some competitors only inspect up to 1MB, missing larger threats.
4) Some competitors take security shortcuts to improve price/performance ratios that could leave holes, while security is
Primer: The top ten automotive cybersecurity vulnerabilities of 2015 - Rogue Wave Software
If you’re trying to build connected automotive software that’s both bulletproof and secure, you’ve got a big task ahead of you; knowing where to focus your time and energy can be half the challenge.
Nearly 90% of all detected security holes can be traced back to just ten types of vulnerabilities. Take a quick walk through the top ten in this primer presentation.
Check out the last slide for links to detailed information about these vulnerabilities and fixes, including a webinar and white paper by automotive industry experts.
Top 5 best practices for delivering secure in-vehicle software - Rogue Wave Software
This document outlines best practices for delivering secure in-vehicle software. It discusses five practices: 1) Manage and mitigate issues through static code analysis and testing to find vulnerabilities early, 2) Build security into the development workflow by integrating security checks from the start, 3) Enforce standards and ensure compliance with tools to check for adherence to guidelines like MISRA and ISO 26262, 4) Manage open source risk through policies, inventorying, and ongoing governance, and 5) Streamline processes with continuous integration, automation, and security/compliance checks integrated into the pipeline. The presentation emphasizes finding and fixing issues early, making security everyone's responsibility, and using tools to enforce best practices.
Four things that are almost guaranteed to reduce the reliability of a softwa... - Ann Marie Neufelder
This presentation shows the four things that have been quantitatively associated with distressed software intensive systems. Identifying these 4 things early in the system life cycle is essential for avoiding or mitigating a failed software project.
Some of the most famous information breaches over the past few years have been a result of entry through embedded and IoT system environments. Often these breaches are a result of unexpected system architecture and service connectivity on the network that allows the hacker to enter through an embedded device and make their way to the financial or corporate servers. Experts in embedded security discuss key security issues for embedded systems and how to address them.
Corey Thuen of Digital Bond Labs describes in technical detail how Havex/Dragonfly enumerated OPC servers.
Havex is the second ICS malware ever seen in the wild.
Secure Boot Under Attack: Simulation to Enhance Fault Attacks & Defenses - Riscure
Secure Boot is widely deployed in modern embedded systems and an essential part of the security model. Even when no (easy to exploit) logical vulnerabilities remain, attackers are surprisingly often still able to compromise it using Fault Injection or a so called glitch attack. Many of these vulnerabilities are difficult to spot in the source code and can only be found by manually inspecting the disassembled binary code instruction by instruction.
While the idea to use simulation to identify these vulnerabilities is not new, this talk presents a fault simulator created using existing open-source components and without requiring a detailed model of the underlying hardware. The challenges to simulate real-world targets will be discussed as well as how to overcome most of them.
Liam Randall of Critical Stack at S4x15 Operation Technology Day. Liam is a Bro guru and describes how it can be used to monitor communications, detect attacks and analyze data.
STAAF, An Efficient Distributed Framework for Performing Large-Scale Android ... - Praetorian
There has been no shortage of Android malware analysis reports recently, but thus far that trend has not been accompanied with an equivalent scale of released public Android application tools or frameworks. To address this issue, we are presenting the Scalable Tailored Application Analysis Framework (STAAF), released as a new OWASP project for public use under Apache License 2.0. The goal of this framework is to allow a team of one or more analysts to efficiently analyze a large number of Android applications. In addition to large scale analysis, the framework aims to promote collaborative analysis through shared processing and results.
Our framework is designed using a modular and distributed approach, which allows each processing node to be highly tailored for a particular task. At the heart of the framework is the Resource Manager (RM) module, which is responsible for tracking samples, managing analysis modules, and storing results. The RM also serves to reduce processing time and data management through the deduplication of data and work, and it also aids with the scheduling of tasks so that they can be completed as a pipeline or as a single unit. When processing begins, the RM uses several default "primitive" modules that carry out the fundamental operations, such as extracting the manifest, transforming the Dalvik bytecode, and extracting application resources. The analysis modules then use the raw results to extract specific attributes such as permissions, receivers, invoked methods, external resources accessed, control flow graphs, etc., and these results are then stored in a distributed data store, after which the information can be queried for high level trends or targeted searches.
The modular nature of our framework allows independent analyses to happen on a per module basis, and the results of this data processing can be merged with other results at a later time. This design promotes an agile approach to large scale analysis, because it permits a wide array of analysis to happen distributively and in parallel. This means that teams with different needs or schedules can complete time-sensitive tasks separately with minimized data processing pipelines, while allowing more complex or time intensive tasks to be added later. Additionally, if analysis needs to be branched at some point in the pipeline, intermediate results can be retained and additional modules can be added leveraging the results from the past analysis steps. The results are also stored in a distributed database and designed to be queried using a map-reduce style query, which offers performance efficiencies as well as allowing the transparent inclusion of remote third party analysis databases. By using this plug-in style analysis framework, we are able to attain more efficient processing schedules and tailor the analysis for a specific need.
This framework is designed to be scalable and extensible, and the initial offering of this framework includes several modules...
Application Security in a DevOps World: Three Methods for Shifting Left
Operations has always resided clearly outside of development. Release candidates are tossed over the fence by development and operations was expected to “just make it work.” The same can be said about many other activities, including application security. This isn’t intended to be derision aimed at development—it’s just a feature of how processes have historically been demarcated. But with the emergence of the DevOps movement, organizations are beginning to apply the “shift-left” principle associated with early testing toward other facets of application development. Security, which has been treated as something you can test into an application, should be built into an application according to DevOps principles. In this presentation, we discuss how to get development and operations working together to build security into the application. We’ll outline three methods and discuss their merits and drawbacks:
• Penetration testing: This is the approach most commonly used.
• Hybrid testing: By applying flow (dynamic analysis) early in the process, you can look for possible paths through the code that lead to security flaws.
• Preventative testing: By taking a standards-based approach and implementing a set of activities that target defects that lead to security vulnerabilities, you are able to get ahead of security issues that diminish the effectiveness of DevOps approaches.
Norse Live Attack Map http://map.ipviking.com/
8,000,000 sensors in 200 data centers in 50 countries – designed to look like everything
The top 5,000,000 worst IPs on the internet
"There are very rarely attacks against Canada, for whatever reason. I guess they're just too nice."
See also http://www.digitalattackmap.com/#anim=1&color=0&country=ALL&list=0&time=16447&view=map for DDOS live
Advanced red teaming: all your badges are belong to us - Priyanka Aash
The document is a presentation by Eric Smith and Josh Perrymon of LARES on red teaming and advanced RFID attacks. It begins with an introduction to red teaming and how it is used to test security measures. It then provides overviews of RFID technologies, traditional and advanced attacks against access control systems using RFID badges, and recommendations for risk mitigation and remediation. The presenters have extensive experience in security and red teaming and demonstrate attacks such as RFID cloning, privilege escalation, and blended attacks.
Skype for Business 2015 workloads, UC Lab - UC2
The document announces an upcoming UC2 meeting on April 26, 2016 featuring presentations on Exchange 2013/2016 transport high availability and Avaya networking solutions for Microsoft UC. It also advertises live streaming of the event over Skype for Business Online. Presentation topics for a March 29 event at the Microsoft Technology Center include Skype for Business 2015 workload routing, port/protocol usage, and traffic modeling/simulation solutions from Microsoft and IXIA.
This document discusses enterprise software security and provides examples of how organizations like Accenture and ANZ Bank have implemented software security programs using Fortify's platform. It describes what organizations are protecting (e.g. personal information, financial data), the risks of data breaches, and case studies of past breaches at companies like Heartland Payment Systems. It then outlines how ANZ Bank established a "SAFE Program" using Fortify to integrate security practices into development and meet compliance obligations. The document promotes Fortify as a software security partner that can help achieve compliance, identify vulnerabilities, and effectively manage security programs.
From IT to IoT: Bridging the Growing Cybersecurity Divide - Priyanka Aash
With the widespread growth of IoT devices and services, security is a priority. This session will discuss the challenges of implementing security solutions for IoT services, aimed at security professionals who are looking at things from an IT viewpoint. Traditional IT security solutions may not be directly applicable to the IoT ecosystem. New IoT-specific threats and challenges need to be addressed.
Learning Objectives:
1: Learn about the top IoT threats.
2: Discover how to address threats using new design process not old IT process.
3: Understand the security lifecycle differences between IT and IoT.
(Source: RSA Conference USA 2018)
Revised IEEE 1633 Recommended Practices for Software Reliability - Ann Marie Neufelder
The IEEE 1633 document provides guidance on applying software reliability engineering practices during development. It outlines key tasks such as determining system reliability objectives, performing early software reliability predictions, integrating predictions into overall system models, determining total reliability needed from software, and planning reliability growth. The document aims to help reliability engineers and software engineers collaborate to establish objectives and metrics for individual software components.
1) The document discusses securing IoT devices and infrastructure through X.509 certificate-based identity and attestation, TLS-based encryption, and secure provisioning and management.
2) It describes securing the cloud infrastructure with Azure Security Center, Azure Active Directory, Key Vault, and policy-based access controls.
3) The document promotes building security into devices and infrastructure from the start through standards-based and custom secure hardware modules.
The presentation focuses on the responsibilities, practices, processes, tools, and techniques that systematically increase security in the secure software development lifecycle (SSDLC). Software should be provisioned uniformly and declaratively, regardless of whether software artifacts are produced in-house or purchased. This is the foundation for effective quality and security standardization, which are key facilitators of reliability engineering.
How To Improve Quality With Static Code Analysis Perforce
Programmers aren’t perfect. Testing and manual code reviews can’t find every problem in code. So, bugs persist. And it’s only going to get worse as your systems grow larger and more complex.
How can you find critical problems in your code? And still release a quality product on time?
Static code analysis might be the answer you’re looking for.
Find out why:
-Bug-free software is hard to achieve.
-Automated tools are the way to go.
-Safe, secure, and reliable software can be achieved at lower costs.
Plus, you’ll see examples of bugs easily missed by manual code reviews. And you’ll learn how static code analysis and manual code reviews work together.
In this presentation, we explain why OAuth and SSL are not enough when it comes to API Security, and that you should also think about addressing other aspects such as confidentiality, integrity, audit or compliance requirements. We expose the tactics to address each of those aspects, and a set of recommendations to apply immediately to your APIs development.
Coverity is a static analysis and software security testing platform that identifies critical defects and vulnerabilities in code during development. It provides deep and accurate code analysis, actionable remediation guidance to help developers address issues, and seamlessly integrates into development workflows and tools. Coverity scales to large codebases and teams and helps reduce risks and costs from defects found late in the development cycle.
Secure-by-Design Using Hardware and Software Protection for FDA Compliance - ICS
This webinar explores the “secure-by-design” approach to medical device software development. During this important session, we will outline which security measures should be considered for compliance, identify technical solutions available on various hardware platforms, summarize hardware protection methods you should consider when building in security and review security software such as Trusted Execution Environments for secure storage of keys and data, and Intrusion Detection Protection Systems to monitor for threats.
This document discusses automotive cyber security. It begins by outlining the evolution of automotive technology and the increased connectivity of modern vehicles. This connectivity introduces new security challenges as vehicles can be attacked remotely by hackers. The document then classifies different types of attackers and attacks, including logical and physical attacks. It discusses methods for secure component identification using cryptography and physically unclonable functions. The document also covers secure software initialization, updates, and architectures. Finally, it discusses secure vehicular communication.
This presentation explores how busting software bugs does more than ensure the reliability and performance of your software—it helps ensure application security.
Topics covered include:
How AppSec processes are really quality processes
How software bugs are really security vulnerabilities
How to apply coding standards as part of a continuous testing process to prevent defects from affecting the safety, security, and reliability of your applications
This document summarizes an on-demand software and application security assessment service that identifies security risks and vulnerabilities in software code and applications. It conducts both static analysis of binary code and dynamic testing of applications to determine compliance with security standards. The service is offered to help software vendors, system integrators, and development organizations evaluate the security of their applications in a timely and cost-effective manner without requiring access to source code.
Securing the Digital Frontier: SecurityGen's Telecom Cybersecurity Solutions - SecurityGen1
In an increasingly interconnected world, the telecommunications industry serves as the backbone of global communication networks. However, with the rapid expansion of digital infrastructure comes the heightened risk of cyber threats. SecurityGen is at the forefront of telecom cybersecurity, offering comprehensive solutions designed to safeguard critical telecommunications infrastructure against evolving cyber risks. Our innovative approach combines cutting-edge technology, industry expertise, and proactive threat intelligence to ensure the resilience and security of telecom networks worldwide.
Guardians of Connection: Signalling Protection in the Digital Age - SecurityGen1
Signalling protection, a vital aspect of modern communication systems, plays a pivotal role in maintaining the integrity and security of data transmission. In today's interconnected world, where information flows through various networks, the need for robust protection mechanisms is paramount. SecurityGen, a leading innovator in the field of cybersecurity, has been at the forefront of developing cutting-edge technologies to safeguard signalling channels.
Agenda:
- SDLC vs S-SDLC
- Mobile development security process
- Which tools to use for security testing?
- How to integrate into existing processes?
- What else you can do?
Security automation by integrating SAST (Static Application Security Testing), DAST (Dynamic Application Security Testing) and SIEM (Security Information and Event Management) tools with Jenkins.
By automating security (SAST, DAST, SIEM), developers can themselves perform vulnerability assessment (VA) and monitor the application without going to the IT and security teams.
The tools below are used to automate everything:
SAST - Fortify, Checkmarx
DAST - IBM AppScan, OWASP ZAP, HP WebInspect
SIEM - AlienVault
Fuzzing101: Unknown vulnerability management for Telecommunications - Codenomicon
This document summarizes a webinar about fuzzing and unknown vulnerability management for telecommunications. The webinar was presented by Juha-Matti Tirilä and Tero Rontti from Codenomicon and covered topics like the growing complexity and attack vectors in telecommunications, definitions of fuzzing and different fuzzing techniques, challenges with vulnerability management, and a case study on fuzzing MPEG2-TS files. The goal of unknown vulnerability management is to have a framework for applying proper security testing procedures to identify vulnerabilities before they are discovered and exploited.
Cyber security webinar 6 - How to build systems that resist attacks? - F-Secure Corporation
This document summarizes strategies for building secure systems. It discusses making security a core requirement from the beginning, employing secure software architecture and development practices, isolating processes using sandboxes, avoiding cleartext data, using libraries carefully and keeping them updated, auditing code, and continuously improving security. The overall message is that security must be prioritized throughout the entire system development lifecycle in order to successfully build resilient systems.
Unleashing the Power of Breach and Attack Simulation with SecurityGen - SecurityGen1
Strengthening your organization's cybersecurity has never been more crucial, and SecurityGen is here to empower you with cutting-edge solutions. Our Breach and Attack Simulation (BAS) services are designed to proactively assess your security posture, identifying vulnerabilities before malicious actors can exploit them. With SecurityGen's user-friendly approach, you can now navigate the complex landscape of cybersecurity with ease.
Telecom networks have witnessed a rapid digital transformation in recent times. In addition to the introduction of Virtualization, Cloud, Artificial Intelligence, Internet of Things, and disaggregation, efforts are underway to implement 5G networks while ensuring continued compatibility with 2G, 3G, and even 4G/LTE networks.
In response to this challenge, inSOC has developed a layered security solution comprised of enterprise-grade tool sets, framework-driven onboarding and escalation processes, and a team of highly qualified security professionals that have eyes on glass 24/7/365.
• All-inclusive pricing structures
• Mix-and-match offerings
• Flexible contract lengths
• Sales enablement
• Minimal operational overhead
• MSSP Accelerator self-paced training
• Advanced cybersecurity certification leading to SSAE 19 certification
The MSSP Accelerator program is designed to fast-track the MSP's security practice and unlock the potential revenue streams available by delivering enterprise-grade security services, via a self-paced online course and sales enablement. The Accelerator program can then lead to SSAE-19 certification, underlining your value and enabling you to establish yourself as a leader in the field. SSAE 19 is a consultancy-led certification program, taking a minimum of 12 months to complete.
We provide an advanced onboarding to harden environments to a set standard. Our wraparound SOC team is led by highly qualified security professionals, including CISSPs and CCIEs, to ensure best-in-class delivery 24/7/365. And we base everything on the NIST Cybersecurity Framework.
inSOC’s tools and processes are centred around the NIST 800 Cybersecurity framework and the Centre for Internet Security’s Top 20 Critical Security Controls. The implementation of this known and trusted security framework significantly reduces the risk of breach in the first place, minimising alert noise and pinpointing true threats proactively and reactively.
Benchmarks
• Based on established security frameworks
• We recommend the Center for Internet Security
• The Windows OS benchmark is 1200+ pages
• Subscription to CIS for preconfigured GPO scripts
Playbooks
• Create benchmark playbooks to manage hardening tasks consistently
• Base playbooks on established security frameworks and benchmarks
• Capture audit-ready evidence and attach it to the playbook
• Manage tasks and dependent projects
Change Control
• Manage any hardening initiative with a standard change control methodology
• Beta testing, user acceptance testing, release
Testwell CTC++ is a code coverage tool that analyzes test coverage for all code coverage levels. It supports all compilers, targets, and platforms with minimal overhead. The tool generates coverage reports that help improve test cases, find untested code, and show coverage for safety standards compliance. It analyzes C and C++ code and has add-ons for Java and C#. The document promotes additional tools from Verifysoft that analyze code complexity and quality.
Similar to Proving the Security of Low-Level Software Components & TEEs (20)
WhatsApp Tracker - Tracking WhatsApp to Boost Online Safety - onemonitarsoftware
WhatsApp Tracker Software is an effective tool for remotely tracking the target’s WhatsApp activities. It allows users to monitor their loved one’s online behavior to ensure appropriate interactions for responsive device use.
Download this PPTX file and share this information to others.
Explore the latest in ColdBox Debugger v4.2.0, featuring the Hyper Collector for HTTP/S request tracking, Lucee SQL Collector for query profiling, and Heap Dump Support for memory leak debugging. Enhancements like the revamped Request Dock and improved SQL/JSON formatting streamline debugging for optimal ColdBox application performance and stability. Ideal for developers familiar with ColdBox, this session focuses on leveraging advanced debugging tools to enhance development efficiency.
Lots of bloggers are using Google AdSense now. It’s getting really popular. With AdSense, bloggers can make money by showing ads on their websites. Read this important article written by the experienced designers of the best website designing company in Delhi –
Sami provided a beginner-friendly introduction to Amazon Web Services (AWS), covering essential terms, products, and services for cloud deployment. Participants explored AWS' latest Gen AI offerings, making it accessible for those starting their cloud journey or integrating AI into coding practices.
Non-Functional Testing Guide: Exploring Its Types, Importance and Tools - kalichargn70th171
Are you looking for ways to ensure your software development projects are successful? Non-functional testing is an essential part of the process, helping to guarantee that applications and systems meet the necessary non-functional requirements such as availability, scalability, security, and usability.
Discover BoxLang, the innovative JVM programming language developed by Ortus Solutions. Designed to harness the power of the Java Virtual Machine, BoxLang offers a modern approach to application development with robust performance and scalability. Join us as we explore the capabilities of BoxLang, its syntax, and how it enhances productivity in software development.
Explore the rapid development journey of TryBoxLang, completed in just 48 hours. This session delves into the innovative process behind creating TryBoxLang, a platform designed to showcase the capabilities of BoxLang by Ortus Solutions. Discover the challenges, strategies, and outcomes of this accelerated development effort, highlighting how TryBoxLang provides a practical introduction to BoxLang's features and benefits.
Proving the Security of Low-Level Software Components & TEEs
1. 1
Proving the Security of Low-Level Software Components & TEEs
Mathematically Guaranteed Quality, Security and Safety on C and C++ Code
2. 2
You will get the slides via email. You will get the recording in the coming days. Please ask questions in the Q&A section.
Vic Sharma, US executive; Jakub Zwolakowski, R&D engineer.
Welcome!
4. 4
• Over the last 5 years alone, firmware vulnerabilities have gone up by over 573%
• More than 80% of enterprises have experienced at least one firmware attack in the past two years
• 4 in 10 companies breached through a mobile device
• Semiconductor TEE component vulnerability exposes millions of mobile devices to security threats
• Preventing device-level attacks targeting low-level software is the next frontier in cybersecurity
• Cyberattacks on critical infrastructure are on the rise
5. 5
TrustInSoft Analyzer
Hybrid code analyzer combining advanced static and dynamic analysis techniques together with formal methods to mathematically guarantee C/C++ code quality and maximize code security and safety.
6. 6
Resolving the Achilles’ heel of C and C++: detecting all Undefined Behaviors
• Memory access
  • Buffer overflow
  • Out-of-bounds access
  • Invalid pointer usage
  • Uninitialized variables
  • etc.
• Arithmetic operations
  • Division by zero
  • Signed integer overflow
  • Overflow in float-to-int conversion
  • NaN in float computation
  • etc.
• Race conditions
Undefined behaviors are complex to detect and can lead to disastrous consequences:
• Unpredictable outputs or program execution
• Code execution by an attacker & program intrusion
• Software misbehavior or crash
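The arithmetic items in the list above are the ones developers most often dismiss as "only theoretical". The following C code is an added example, not from the TrustInSoft slides: each arithmetic undefined behavior named on the slide (signed overflow, division by zero including INT32_MIN / -1, out-of-range or NaN float-to-int conversion, NaN creeping into a float computation) is paired with the check that turns the undefined case into a reported failure. Function names are hypothetical; the checks are plain C99 and are exactly the conditions a sound analyzer would ask you to establish before the operation.

```c
/* Added example, not from the TrustInSoft slides: the arithmetic
 * undefined behaviours listed above, each replaced by a check that turns
 * the undefined case into a reportable failure. Function names are
 * hypothetical; the checks themselves are standard C99. */
#include <limits.h>
#include <math.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Signed overflow: int32_t a + b is undefined when the sum does not fit.
 * Widen to 64 bits, range-check, then narrow. */
bool checked_add_i32(int32_t a, int32_t b, int32_t *out)
{
    int64_t r = (int64_t)a + (int64_t)b;
    if (r < INT32_MIN || r > INT32_MAX)
        return false;
    *out = (int32_t)r;
    return true;
}

/* Same for multiplication; the 64-bit product of two 32-bit values
 * cannot itself overflow, so the range check is exact. */
bool checked_mul_i32(int32_t a, int32_t b, int32_t *out)
{
    int64_t r = (int64_t)a * (int64_t)b;
    if (r < INT32_MIN || r > INT32_MAX)
        return false;
    *out = (int32_t)r;
    return true;
}

/* Division: b == 0 is undefined, and so is INT32_MIN / -1, whose
 * quotient (2^31) is not representable in int32_t. */
bool checked_div_i32(int32_t a, int32_t b, int32_t *out)
{
    if (b == 0 || (a == INT32_MIN && b == -1))
        return false;
    *out = a / b;
    return true;
}

/* Float-to-int: converting NaN, or a value whose truncation lies outside
 * int32_t, is undefined. Compare against the exactly representable bounds
 * before the cast; inside them, truncation toward zero is defined. */
bool checked_double_to_i32(double x, int32_t *out)
{
    if (isnan(x))
        return false;
    /* every x in (-2147483649, 2147483648) truncates into [INT32_MIN, INT32_MAX] */
    if (x <= -2147483649.0 || x >= 2147483648.0)
        return false;
    *out = (int32_t)x;
    return true;
}

/* NaN in float computation: 0.0/0.0 and inf - inf yield NaN silently and
 * it propagates into every later result. Reject non-finite intermediates
 * instead of letting them reach an int conversion or a comparison. */
bool checked_mean(const double *v, size_t n, double *out)
{
    if (n == 0)
        return false;                   /* 0.0 / 0 would be NaN */
    double sum = 0.0;
    for (size_t i = 0; i < n; i++)
        sum += v[i];
    if (!isfinite(sum))
        return false;                   /* overflow to inf, or NaN from the inputs */
    *out = sum / (double)n;
    return true;
}

int main(void)
{
    int32_t r;
    printf("INT32_MAX + 1   -> %s\n", checked_add_i32(INT32_MAX, 1, &r) ? "ok" : "overflow");
    printf("INT32_MIN / -1  -> %s\n", checked_div_i32(INT32_MIN, -1, &r) ? "ok" : "undefined");
    printf("(int32_t)3.99   -> %d\n", checked_double_to_i32(3.99, &r) ? r : -1);
    return 0;
}
```

The float-to-int bounds deserve a second look: -2147483648.0 is exactly representable and converts fine, and any value strictly above -2147483649.0 still truncates to INT32_MIN, so the rejection threshold is the next integer down rather than INT32_MIN itself. Getting such a boundary wrong by one is precisely the kind of defect a syntactic checker never sees and a value analysis over all inputs does.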
8. 8
The best-of benefits of security testing

| | TrustInSoft Analyzer | Traditional static analyzers |
|---|---|---|
| Analysis type | Semantic | Syntactic |
| What it does | Applies formal methods to look for issues that cause undefined behaviors and checks execution for all possible input values | Looks for suspicious code constructs / coding rules compliance |
| Sound | Yes | No |
| False positives / False negatives | Some / No | Many / Yes |
| Input | Tests | Coding rules |
| Output | All undefined behaviors detected / confidence on code quality | List of potential bugs |
10. 10
Secure Communication
ARM Mbed TLS: SSL/TLS Without Undefined Behavior
A unique, first-of-its-kind result from the analysis performed using TrustInSoft Analyzer demonstrated how the ARM Mbed TLS stack, in a described configuration, is immune to popular vulnerabilities including buffer overflows. The verification report details how to compile, configure and deploy Mbed TLS in a given perimeter in order to be immune from all attacks caused by CWE 119 to 127, 369, 415, 416, 457, 476, 562 and 690. All bugs of those kinds were found and removed.
Link to the full verification report: http://trust-in-soft.com/polarssl-verification-kit
11. 11
2016: NIST report to the White House
NIST underlines in a report to the White House a result unique in the world performed by TrustInSoft: a mathematical assessment of the absence of buffer overflows or memory errors in ARM Mbed TLS, which is at the core of ARM’s mbed environment.
12. 12
Device Driver Security
AIS2DW12 Driver Analysis (STMicroelectronics)
The platform-independent sensor driver stack for the AIS2DW12 digital output motion sensor for automotive applications from STMicroelectronics was analyzed using TrustInSoft Analyzer to verify the absence of undefined behaviors in the source code of the driver. Within the perimeter of the defined tests, through exhaustive analysis, our tool was able to mathematically guarantee that for any given authorized input and any execution path, there were no undefined behaviors in the driver.
13. 13
ST AIS2DW12 Accelerometer - Driver Analysis
• The AIS2DW12 3-axis accelerometer was selected as it had the most recent contributions on GitHub
• TIS Analyzer determined, simulated and cascaded the superset of all possible inputs, code values and behaviors
• Buffer overflow identified and fixed in less than 1.5 hours (incl. the time to get familiar with the ST datasheet and driver)
• With the proposed fix applied and the analysis run again, TIS confirms that for all existing tests, whatever registers the HW contains, the driver has no undefined behavior
14. 14
Linux Kernel Driver
Linux Kernel Driver – GT9xx (Goodix)
The GT9xx is a Linux kernel driver for the Goodix GT915 capacitive touch chip used in medium and large sized mobile phones. A formal analysis was performed on this kernel driver using TrustInSoft Analyzer, and it was concluded that, given the perimeter of the analysis, the driver is safe from a large number of vulnerabilities that could compromise the complete operating system. Within the perimeter, the TrustInSoft Analyzer was able to guarantee the absence of undefined behavior for the GT9xx driver.
15. 15
Goodix GT915 capacitive touch Driver
• We simulated and modelled the HW (Linux kernel and the driver) for a fixed configuration: the HW contains the address of the register to be read following an I2C read request, i.e. when the screen is touched
• TIS Analyzer determined, simulated and cascaded the superset of all possible inputs, code values and behaviors. What happens in case of a material defect, or if a hacker simulates a screen touch with 256 fingers at the same time? Is the driver robust enough to cope with it?
• TIS confirms the absence of undefined behavior and the driver’s immunity to the following families of vulnerabilities: CWE 119 to 127, 369, 415, 416, 457, 476, 562, 690, within the analysis’ model and perimeter
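The "256 fingers" question on this slide is the classic shape of a hardware-trust bug: a count read from the chip is used as a loop bound over a fixed-size table. The C code below is an added example, not code from the Goodix driver or from TrustInSoft; it builds a small hardware model whose every byte the attacker may control (standing in for the interrupt-driven I2C reads the slide describes), shows a report parser that trusts the chip's point count, and beside it the version that bounds every hardware-supplied value before it selects memory or drives a loop. Register layout, record size, MAX_FINGERS and all function names are constructed assumptions, not the real GT9xx layout.

```c
/* Added example, not code from the TrustInSoft slides or the Goodix
 * driver: a constructed touch-report parser with a hardware model whose
 * contents the attacker may control, first trusting the point count the
 * chip reports, then bounding it. Layout, sizes and names are assumptions. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_FINGERS 10   /* size of the driver's point table (assumed) */
#define POINT_SIZE  8    /* bytes per point in the assumed report layout */
#define REG_STATUS  0    /* bit 7: data ready, bits 0-6: point count (assumed) */
#define REG_POINTS  1    /* first point record follows the status byte */

struct touch_point  { uint8_t id; uint16_t x, y, w; };
struct touch_report { size_t count; struct touch_point pts[MAX_FINGERS]; };

/* Hardware model: whatever the "chip" answers on the bus. An attacker who
 * controls the hardware controls every byte here, including the count. */
struct sim_hw { uint8_t regs[REG_POINTS + 127 * POINT_SIZE]; };

static int hw_read(const struct sim_hw *hw, size_t off, uint8_t *buf, size_t len)
{
    if (off > sizeof hw->regs || len > sizeof hw->regs - off)
        return -1;                              /* bus error: address off the map */
    memcpy(buf, hw->regs + off, len);
    return 0;
}

static struct touch_point decode_point(const uint8_t raw[POINT_SIZE])
{
    struct touch_point p;
    p.id = raw[0];
    p.x  = (uint16_t)(raw[1] | (raw[2] << 8));
    p.y  = (uint16_t)(raw[3] | (raw[4] << 8));
    p.w  = (uint16_t)(raw[5] | (raw[6] << 8));  /* raw[7] is reserved */
    return p;
}

/* Before: the count is taken from the chip as-is. When the chip claims more
 * than MAX_FINGERS points the loop writes past rep->pts, an out-of-bounds
 * write (CWE-119/CWE-787) that a value analysis over all register contents
 * reports. Kept only for comparison; never called in this example. */
int parse_report_unchecked(const struct sim_hw *hw, struct touch_report *rep)
{
    uint8_t status, raw[POINT_SIZE];
    if (hw_read(hw, REG_STATUS, &status, 1) < 0) return -1;
    rep->count = status & 0x7f;                 /* 0..127, table holds MAX_FINGERS */
    for (size_t i = 0; i < rep->count; i++) {
        if (hw_read(hw, REG_POINTS + i * POINT_SIZE, raw, POINT_SIZE) < 0) return -1;
        rep->pts[i] = decode_point(raw);        /* i may exceed MAX_FINGERS - 1 */
    }
    return 0;
}

/* After: every hardware-supplied value is validated before it becomes a
 * loop bound or an index; an out-of-spec count is rejected, not clamped
 * silently, so the fault is visible to the caller. */
int parse_report_checked(const struct sim_hw *hw, struct touch_report *rep)
{
    uint8_t status, raw[POINT_SIZE];
    rep->count = 0;
    if (hw_read(hw, REG_STATUS, &status, 1) < 0) return -1;
    if (!(status & 0x80)) return -2;            /* no fresh data: nothing to parse */
    size_t n = status & 0x7f;
    if (n > MAX_FINGERS) return -3;             /* chip (or attacker) out of spec */
    for (size_t i = 0; i < n; i++) {
        if (hw_read(hw, REG_POINTS + i * POINT_SIZE, raw, POINT_SIZE) < 0) return -1;
        rep->pts[i] = decode_point(raw);
    }
    rep->count = n;
    return 0;
}

/* Constructed stimulus: a report claiming `claimed` touches, point i at
 * x = 100*i + 1, y = 7, w = 3. */
static void sim_report(struct sim_hw *hw, uint8_t claimed, int ready)
{
    memset(hw, 0, sizeof *hw);
    hw->regs[REG_STATUS] = (uint8_t)((ready ? 0x80 : 0) | (claimed & 0x7f));
    for (size_t i = 0; i < (claimed & 0x7f); i++) {
        uint8_t *r = hw->regs + REG_POINTS + i * POINT_SIZE;
        uint16_t x = (uint16_t)(100 * i + 1);
        r[0] = (uint8_t)i; r[1] = (uint8_t)x; r[2] = (uint8_t)(x >> 8); r[3] = 7; r[5] = 3;
    }
}

/* Drive the hardened parser with a report of `claimed` touches; returns its status. */
int checked_parse_status(uint8_t claimed, int ready)
{
    struct sim_hw hw; struct touch_report rep;
    sim_report(&hw, claimed, ready);
    return parse_report_checked(&hw, &rep);
}

/* x coordinate of decoded point `idx` for a valid report, or -1 on rejection. */
long checked_point_x(uint8_t claimed, size_t idx)
{
    struct sim_hw hw; struct touch_report rep;
    sim_report(&hw, claimed, 1);
    if (parse_report_checked(&hw, &rep) != 0 || idx >= rep.count) return -1;
    return rep.pts[idx].x;
}

int main(void)
{
    printf("3 fingers: rc=%d, point1.x=%ld\n", checked_parse_status(3, 1), checked_point_x(3, 1));
    printf("127 fingers: rc=%d (rejected)\n", checked_parse_status(127, 1));
    return 0;
}
```

The design point is the one the slide makes: the hardware is part of the attack surface, so the interesting test input is not the touch coordinates but the register contents, and the right model lets every byte the chip can answer with take every value. Rejecting an out-of-range count (rather than clamping it) also keeps the failure observable in logs, which matters for detecting a faulty or hostile peripheral in the field.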
16. 16
Trusted Execution Environment (TEE) Security
TrustInSoft Analyzer delivers bullet-proof TEE security to semiconductor manufacturers by detecting critical firmware vulnerabilities early in the development cycle, and providing a mathematical guarantee on the absence of undefined behaviors.
• Exhaustive analysis to secure various TEE components including: TEE Kernel, Secure Monitor, Bootloader, Trusted Applications.
• Address critical TEE issues: from software bugs (such as buffer overflow or integer overflow) to side-channel attacks or concurrency issues.
• Ensure there are no inconsistencies between the expected requirements of the TEE firmware and its implementation.
17. 17
Incremental journey to maximum security & safety

1. Interpreter: replay existing tests
• Instant productivity: find more bugs quicker
• Mathematical guarantee that Undefined Behaviors resulting from discrete tested values are all detected
• 0 false positives & 0 false negatives

2. Analyzer: generalize inputs & static analysis
• Mathematical guarantee that all Undefined Behaviours are detected
• 0 false negatives
• Achieve up to 100% coverage on critical tests

3. Functional proof: check functional implementation
• Ensure implemented SW architecture and functions behave in line with spec
• Full mathematical guarantee for safety and security
18. 18
Empowering SW developers & testers to…

Code safety & security:
• Ensure absence of crashes and deterministic behavior. Detect 0-days before they are known. Platform-specific analysis without compiling.
• Exhaustively find and fix all Undefined Behaviors, incl. the most hidden ones: determines and propagates the superset of all possible code values in execution paths.
• Boost coverage: quickly perform the equivalent of billions of tests with one generalized-inputs test.
• Functional proof & absence of Undefined Behaviors (e.g. buffer overflow): get mathematical guarantees on software security/safety.
19. 19
How is it deployed
• TrustInSoft Analyzer can be installed on a dedicated server, either on-premises or in SaaS
• Can be accessed through a web browser or via command line interface
• Can be integrated into existing DevOps and Continuous Integration processes via command line
20. 20
Our customers’ primary drivers

IMPROVE OPERATIONAL EFFICIENCY
§ Reduce SW test coverage costs
§ Bug identification & remediation optimization
§ Bug correction prioritization (no false positives)
§ Perform tests as if on target

GENERATE REVENUE OPPORTUNITIES
§ Position safety and/or security as a feature to gain market share
§ Get certification level / smooth customer validation as a price premium
§ Secure time-to-market sensitive opportunities

CONTROL FINANCIAL RISK
§ Reduce field support costs post-production
§ Avoid brand/image valuation impact

Beyond Software Security and Safety
22. The Code
• The GT9xx driver source code used for the analysis was taken from this repository [1]
• The commit used for the analysis is f7d281d16eff5031b39c41e6af6c527ecec31385
• The product's official data-sheet was used to model the hardware behavior [2]
[1] https://source.codeaurora.org/quic/la/kernel/msm-3.18/tree/drivers/input/touchscreen/gt9xx?h=LA.HB.1.1.1.c2
[2] https://datasheetspdf.com/pdf/945606/GOODIX/GT915/1
23. 2 perimeters of analysis
Perimeter 1
• We suppose that the attacker controls the hardware (through interrupts).
• Result: proven IMMUNITY to a set of security weaknesses.
Perimeter 2
• We suppose that the attacker has direct access to the device's proc file (through the OS filesystem).
• Result: found potential VULNERABILITIES!