You are here
Automatic Detection and Patching of Vulnerabilities in Embedded Systems
Title: Senior Scientist
Phone: (607) 273-7340
Email: gopan@grammatech.com
Title: program manager
Phone: (607) 273-7340
Email: dburrows@grammatech.com
Recent studies have shown that embedded systems are extremely vulnerable to security attacks. Some published exploits include remote hijacking of the electronic systems in a modern car and using IP phones and smart televisions to perform covert surveillance of their owners. In this project, we are building a system that removes known vulnerabilities from embedded software and adds protections to prevent exploits of undiscovered vulnerabilities; by integrating with vulnerability detection technology, we will largely automate vulnerability patching, although without formal specifications, some human review will be necessary. Our system uses static rewriting of the software binaries either prior to or after deployment and will integrate with and complement other GrammaTech tools developed under various DoD contracts.The proposed system will operate directly on software binaries, even in the absence of source code or symbol information, applying both to newly developed software and legacy software. The system will be retargetable to different instruction sets to accommodate a variety of embedded systems platforms. To ensure that added protections do not break the functionality of a program, the proposed system will verify that the rewritten program is semantically equivalent to the original program, except for the corrected flaws.
* Information listed above is at the time of submission. *