Navigation To modulepage
Display language

Embedded Systems Security Labor

6 LP

English

#40441 / #3

SS 2016 - WS 2016/17

Fakultät IV

TEL 17

Institut für Softwaretechnik und Theoretische Informatik

34355100 FG S-Professur Security in Telecommunications

Seifert, Jean-Pierre

Nordholz, Jan Christoph

lehre@sec.t-labs.tu-berlin.de

No information

POS-Nummer PORD-Nummer Modultitel
170080 29651 Embedded Systems Security Lab

Learning Outcomes

This module’s qualification aims are: 1. Understanding of security relevant interfaces (hard- and software) of (embedded) computer systems 2. Practical experience in identifying, exploiting, and fixing of vulnerabilities in hard- and software 3. A profound evaluation of system security

Content

The security lab offers students the opportunity to learn how to analyze the system security of Linux-based systems with an emphasis on embedded platforms. It covers topics from hardware security and debug facilities and then moves on to software security issues in applications and finally the kernel. This course focuses on practically relevant details and hands-on experience instead of providing thorough theoretical background information. Students will have to solve multiple challenges where a system has to be analyzed and then compromised. The lab is organized as a practical course (PR) and students will be working in small groups with state-of-the-art Linux-based embedded systems (ARM/x86/MIPS architecture, e.g. Pandaboard, Raspberry Pi, Carambola, Galileo). TOPICS: • Serial interface • ARM/MIPS introduction • JTAG hardware debugging interface • OpenOCD, BusPirate, BusBlaster • Software debugging with GDB • Linux security tools • Public key cryptography, certificates and signatures • Shellcode • Memory corruption vulnerabilities • NX/XD/XN, ASLR, stack canaries • ELF binary format • Heap structure • Integer overflows • Kernel security

Module Components

Pflichtteil:

All Courses are mandatory.

Course Name Type Number Cycle Language SWS
Security Lab PR 0434 L 972 WS/SS No information 4

Workload and Credit Points

Security Lab (PR):

Workload description Multiplier Hours Total
1. Per Assignment: 0.0 0.0h 0.0h
1a. Security Analysis 6.0 7.0h 42.0h
1b. Vulnerability Background Research 6.0 5.0h 30.0h
1c. Proof of Concept Exploit 6.0 8.0h 48.0h
1d. Written Solution 6.0 5.0h 30.0h
2. Presence Hours 15.0 2.0h 30.0h
180.0h(~6 LP)
The Workload of the module sums up to 180.0 Hours. Therefore the module contains 6 Credits.

Description of Teaching and Learning Methods

The module consists of a practical course. Attendance is mandatory!

Requirements for participation and examination

Desirable prerequisites for participation in the courses:

Prerequisites: • knowledge equivalent to the "Software Security" lecture • familiarity with Unix/Linux operating system primitives (e.g. using a command line) Recommended additional skills: • basic networking concepts and tools (DNS, DHCP, NAT, ...) • low-level programming concepts (pointers, registers, stack vs. heap, ...) • basic concepts of cryptography In order to complete the assignments, each group needs at least one computer with administrator privileges (i.e. being able to log into university computers is insufficient) preferrably running Linux. It is possible to complete the tasks while using Windows or MacOS as well, but the teaching staff cannot provide guidance on those operating systems.

Mandatory requirements for the module test application:

No information

Module completion

Grading:

graded

Type of exam:

Portfolio examination

Language:

English

Typ of portfolio examination

No information

Test elements

Name Categorie Duration/Extent
(deliverable assessment) 6 assignments, 20 pts each 120 No information

Grading scale

No grading scale given

Test description (Module completion)

This module will be tested as a portfolio exam, i.e. you accumulate points during the course of the module for the following partial performances: • (Practical Course) 6x practical assignments: up to 20 points each The total number of points (0-120) is then scaled linearly to the range (0-100) and converted into a final grade according to Conversion Table 2 of School IV.

Duration of the Module

This module can be completed in one semester.

Maximum Number of Participants

The maximum capacity of students is 40.

Registration Procedures

Registration for the module is handled through QISPOS.

Recommended reading, Lecture notes

Lecture notes

Availability:  unavailable

Electronical lecture notes

Availability:  unavailable

Literature

Recommended literature
No recommended literature given.

Assigned Degree Programs

Zur Zeit wird die Datenstruktur umgestellt. Aus technischen Gründen wird die Verwendung des Moduls während des Umstellungsprozesses in zwei Listen angezeigt.

This module is used in the following modulelists:

Students of other degrees can participate in this module without capacity testing.

This module is used in the following Degree Programs (new System):

    Students of other degrees can participate in this module without capacity testing.

    Miscellaneous

    It is strongly advised to attend the „Software Security" lecture either in parallel or beforehand. A module which combines that lecture with this practical course is available („Applied Security", MINF-KS-CS/APS).