Preventing memory errors in networked vehicle services through diversification

Hector Marco, Juan Carlos Ruiz, David de Andrés, Ismael Ripoll

Research output: Chapter in Book/Report/Conference proceedingChapter

Abstract

Car-to-X communication stands for the communication of different vehicles (vehicle-to-vehicle) as well as for the communication of vehicles and infrastructure (vehicle-to-infrastructure). The development of these technologies promotes the emergence of new car infotainment and telematic services of added value for users. The side effect is the exposure of vehicles to a number of new threats, such as memory errors. Among other consequences, the exploitation of memory errors may lead to code-reuse attacks, where intruders reuse existing non-malicious
code with malicious purposes, such as gaining complete car control. Since memory error exploits usually rely on highly specific processor characteristics, the same exploit rarely works on dfferent hardware architectures. This paper proposes a strategy to thwart memory error exploitation by combining the diversification of HW through processor emulation with the creation of Service variants using offthe-shelf cross-compilation suites.
Original languageEnglish
Title of host publicationComputer Safety, Reliability, and Security
Subtitle of host publication32nd International Conference, SAFECOMP 2013, Toulouse, France, September 14-27, 2013, Proceedings
EditorsFriedemann Bitsch, Jérémie Guiochet, Mohamed Kaâniche
PublisherSpringer-Verlag Berlin Heidelberg GmbH
Pages1-6
Number of pages6
Volume8153
ISBN (Electronic)9783642407932
ISBN (Print)9783642407925
Publication statusPublished - 2013
Externally publishedYes
EventSAFECOMP - Workshop CARS - Toulouse, France
Duration: 25 Jul 2013 → …
http://conf.laas.fr/SAFECOMP2013/

Publication series

NameProgramming and Software Engineering
PublisherSpringer Nature

Workshop

WorkshopSAFECOMP - Workshop CARS
CountryFrance
CityToulouse
Period25/07/13 → …
Internet address

Fingerprint

Data storage equipment
Railroad cars
Communication
Hardware

Keywords

  • car-to-X communications
  • memory errors
  • HW virtualization
  • Cross-compilation

Cite this

Marco, H., Ruiz, J. C., de Andrés, D., & Ripoll, I. (2013). Preventing memory errors in networked vehicle services through diversification. In F. Bitsch, J. Guiochet, & M. Kaâniche (Eds.), Computer Safety, Reliability, and Security: 32nd International Conference, SAFECOMP 2013, Toulouse, France, September 14-27, 2013, Proceedings (Vol. 8153, pp. 1-6). (Programming and Software Engineering). Springer-Verlag Berlin Heidelberg GmbH.
Marco, Hector ; Ruiz, Juan Carlos ; de Andrés, David ; Ripoll, Ismael. / Preventing memory errors in networked vehicle services through diversification. Computer Safety, Reliability, and Security: 32nd International Conference, SAFECOMP 2013, Toulouse, France, September 14-27, 2013, Proceedings. editor / Friedemann Bitsch ; Jérémie Guiochet ; Mohamed Kaâniche. Vol. 8153 Springer-Verlag Berlin Heidelberg GmbH, 2013. pp. 1-6 (Programming and Software Engineering).
@inbook{f68782827efe4dbd9e628dbb7bb9bdf8,
title = "Preventing memory errors in networked vehicle services through diversification",
abstract = "Car-to-X communication stands for the communication of different vehicles (vehicle-to-vehicle) as well as for the communication of vehicles and infrastructure (vehicle-to-infrastructure). The development of these technologies promotes the emergence of new car infotainment and telematic services of added value for users. The side effect is the exposure of vehicles to a number of new threats, such as memory errors. Among other consequences, the exploitation of memory errors may lead to code-reuse attacks, where intruders reuse existing non-maliciouscode with malicious purposes, such as gaining complete car control. Since memory error exploits usually rely on highly specific processor characteristics, the same exploit rarely works on dfferent hardware architectures. This paper proposes a strategy to thwart memory error exploitation by combining the diversification of HW through processor emulation with the creation of Service variants using offthe-shelf cross-compilation suites.",
keywords = "car-to-X communications, memory errors, HW virtualization, Cross-compilation",
author = "Hector Marco and Ruiz, {Juan Carlos} and {de Andr{\'e}s}, David and Ismael Ripoll",
year = "2013",
language = "English",
isbn = "9783642407925",
volume = "8153",
series = "Programming and Software Engineering",
publisher = "Springer-Verlag Berlin Heidelberg GmbH",
pages = "1--6",
editor = "Friedemann Bitsch and J{\'e}r{\'e}mie Guiochet and Mohamed Ka{\^a}niche",
booktitle = "Computer Safety, Reliability, and Security",
address = "Germany",

}

Marco, H, Ruiz, JC, de Andrés, D & Ripoll, I 2013, Preventing memory errors in networked vehicle services through diversification. in F Bitsch, J Guiochet & M Kaâniche (eds), Computer Safety, Reliability, and Security: 32nd International Conference, SAFECOMP 2013, Toulouse, France, September 14-27, 2013, Proceedings. vol. 8153, Programming and Software Engineering, Springer-Verlag Berlin Heidelberg GmbH, pp. 1-6, SAFECOMP - Workshop CARS, Toulouse, France, 25/07/13.

Preventing memory errors in networked vehicle services through diversification. / Marco, Hector; Ruiz, Juan Carlos; de Andrés, David; Ripoll, Ismael.

Computer Safety, Reliability, and Security: 32nd International Conference, SAFECOMP 2013, Toulouse, France, September 14-27, 2013, Proceedings. ed. / Friedemann Bitsch; Jérémie Guiochet; Mohamed Kaâniche. Vol. 8153 Springer-Verlag Berlin Heidelberg GmbH, 2013. p. 1-6 (Programming and Software Engineering).

Research output: Chapter in Book/Report/Conference proceedingChapter

TY - CHAP

T1 - Preventing memory errors in networked vehicle services through diversification

AU - Marco, Hector

AU - Ruiz, Juan Carlos

AU - de Andrés, David

AU - Ripoll, Ismael

PY - 2013

Y1 - 2013

N2 - Car-to-X communication stands for the communication of different vehicles (vehicle-to-vehicle) as well as for the communication of vehicles and infrastructure (vehicle-to-infrastructure). The development of these technologies promotes the emergence of new car infotainment and telematic services of added value for users. The side effect is the exposure of vehicles to a number of new threats, such as memory errors. Among other consequences, the exploitation of memory errors may lead to code-reuse attacks, where intruders reuse existing non-maliciouscode with malicious purposes, such as gaining complete car control. Since memory error exploits usually rely on highly specific processor characteristics, the same exploit rarely works on dfferent hardware architectures. This paper proposes a strategy to thwart memory error exploitation by combining the diversification of HW through processor emulation with the creation of Service variants using offthe-shelf cross-compilation suites.

AB - Car-to-X communication stands for the communication of different vehicles (vehicle-to-vehicle) as well as for the communication of vehicles and infrastructure (vehicle-to-infrastructure). The development of these technologies promotes the emergence of new car infotainment and telematic services of added value for users. The side effect is the exposure of vehicles to a number of new threats, such as memory errors. Among other consequences, the exploitation of memory errors may lead to code-reuse attacks, where intruders reuse existing non-maliciouscode with malicious purposes, such as gaining complete car control. Since memory error exploits usually rely on highly specific processor characteristics, the same exploit rarely works on dfferent hardware architectures. This paper proposes a strategy to thwart memory error exploitation by combining the diversification of HW through processor emulation with the creation of Service variants using offthe-shelf cross-compilation suites.

KW - car-to-X communications

KW - memory errors

KW - HW virtualization

KW - Cross-compilation

M3 - Chapter

SN - 9783642407925

VL - 8153

T3 - Programming and Software Engineering

SP - 1

EP - 6

BT - Computer Safety, Reliability, and Security

A2 - Bitsch, Friedemann

A2 - Guiochet, Jérémie

A2 - Kaâniche, Mohamed

PB - Springer-Verlag Berlin Heidelberg GmbH

ER -

Marco H, Ruiz JC, de Andrés D, Ripoll I. Preventing memory errors in networked vehicle services through diversification. In Bitsch F, Guiochet J, Kaâniche M, editors, Computer Safety, Reliability, and Security: 32nd International Conference, SAFECOMP 2013, Toulouse, France, September 14-27, 2013, Proceedings. Vol. 8153. Springer-Verlag Berlin Heidelberg GmbH. 2013. p. 1-6. (Programming and Software Engineering).