Embedded Security

Stefan Nürnberger

Global References

This is a list of all references found in the slides:

 

  1. "98% of all produced processors run in embedded systems"
  2. PIC16F 8 Bit Microcontroller Family Datasheet
  3. AVRdude Project and Source (best use avrdude package from your distribution)
  4. Cross-Platform Hex Editor wxHexEditor
  5. Draw Circuits with EasyEDA
  6. Draw Circuits, PCBs and Breadboard Layouts with Fritzing
  7. Resistor Colour Code Calculator
  8. Paul Kocher, Joshua Jaffe, Benjamin Jun, “Differential Power Analysis”, 
Annual International Cryptology Conference. Springer, Berlin, Heidelberg, 1999

  9. Unleashing Use-Before-Initialization Vulnerabilities in the Linux Kernel Using Targeted Stack Spraying
    Kangjie Lu, Marie-Therese Walter, David Pfaff, Stefan Nürnberger, Wenke Lee, Michael Backes.
    24th Annular Symposium on Network and Distributed System Security (NDSS 2017), 2017.

  10. XBox360 Timing Attack http://beta.ivc.no/wiki/index.php/Xbox_360_Timing_Attack

  11. The TEMPEST Program by the NSA (Nowadays also certification against EM eminence)
    https://www.iad.gov/iad/programs/iad-initiatives/tempest.cfm

  12. FYI: TEMPEST can play music https://www.youtube.com/watch?v=VqASS1ZE9R8

  13. Kuhn, Markus G., and Ross J. Anderson. "Soft tempest: Hidden data transmission using electromagnetic emanations." International Workshop on Information Hiding. Springer, Berlin, Heidelberg, 1998.

  14. “Lest we Remeber: Cold Boot Attacks”, J. Alex Halderman, Seth D. Schoen, Nadia Heninger, William Clarkson, William Paul, Joseph A. Calandrino, Ariel J. Feldman, Jacob Appelbaum, and Edward W. Felten., USENIX Security 2008

  15. Automatic Key Finder for AES & RSA
    https://citp.princeton.edu/research/memory/code/

  16. RamCrypt: Kernel-based Address Space Encryption for User-mode Processes. Johannes Götzfried, Tilo Müller, Gabor Drescher, Stefan Nürnberger, Michael Backes. ACM SIGSAC Symposium on Information, Computer and Communications Security (ASIACCS), 2016.

  17. PAM Login util-linux/login-utils/auth.c https://github.com/karelzak/util-linux/blob/master/login-utils/auth.c

  18. ChipWhisperer https://newae.com/tools/chipwhisperer/

  19. “Differential Power Analysis”, Paul Kocher, Joshua Jaffe, Benjamin Jun,
    Annual International Cryptology Conference.
    Springer, Berlin, Heidelberg, 1999

  20. Mordechai Guri, Boris Zadov, Eran Atias,Yuval Elovici, “LED it go”,
    https://cyber.bgu.ac.il//advanced-cyber/system/files/LED-it-GO_0.pdf

  21. ASLR on the line: Practical cache attacks on the MMU
    Gras, B., Razavi, K., Bosman, E., Bos, H., & Giuffrida, C. (2017). NDSS (Feb. 2017).

  22. Google Retpoline https://support.google.com/faqs/answer/7625886

  23. "Error handling of in-vehicle networks makes them vulnerable."
    Cho, Kyong-Tak, and Kang G. Shin. Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security. ACM, 2016.

  24. Volkswagen Self-Study Program 238 http://www.volkspage.net/technik/ssp/ssp/SSP_238.pdf

  25. Volkswagen Self-Study Program 269 (http://www.volkspage.net/technik/ssp/ssp/SSP_269_d1.pdf)

  26. VatiCAN Authentication Solution is open source: http://www.automotive-security.net/vatican

  27. Radio Frequency Spectrum from WiseGeek

Privacy Policy | Legal Notice
If you encounter technical problems, please contact the administrators.