Preventing memory errors in networked vehicle services through diversification

Hector Marco; Juan Carlos Ruiz; David  de Andrés; Ismael Ripoll

Preventing memory errors in networked vehicle services through diversification

Hector Marco, Juan Carlos Ruiz, David de Andrés, Ismael Ripoll

Research output: Chapter in Book/Report/Conference proceeding › Chapter › peer-review

Abstract

Car-to-X communication stands for the communication of different vehicles (vehicle-to-vehicle) as well as for the communication of vehicles and infrastructure (vehicle-to-infrastructure). The development of these technologies promotes the emergence of new car infotainment and telematic services of added value for users. The side effect is the exposure of vehicles to a number of new threats, such as memory errors. Among other consequences, the exploitation of memory errors may lead to code-reuse attacks, where intruders reuse existing non-malicious
code with malicious purposes, such as gaining complete car control. Since memory error exploits usually rely on highly specific processor characteristics, the same exploit rarely works on dfferent hardware architectures. This paper proposes a strategy to thwart memory error exploitation by combining the diversification of HW through processor emulation with the creation of Service variants using offthe-shelf cross-compilation suites.

Original language	English
Title of host publication	Computer Safety, Reliability, and Security
Subtitle of host publication	32nd International Conference, SAFECOMP 2013, Toulouse, France, September 14-27, 2013, Proceedings
Editors	Friedemann Bitsch, Jérémie Guiochet, Mohamed Kaâniche
Publisher	Springer-Verlag Berlin Heidelberg GmbH
Pages	1-6
Number of pages	6
Volume	8153
ISBN (Electronic)	9783642407932
ISBN (Print)	9783642407925
Publication status	Published - 2013
Externally published	Yes
Event	SAFECOMP - Workshop CARS - Toulouse, France Duration: 25 Jul 2013 → … http://conf.laas.fr/SAFECOMP2013/

Publication series

Name	Programming and Software Engineering
Publisher	Springer Nature

Workshop

Workshop	SAFECOMP - Workshop CARS
Country/Territory	France
City	Toulouse
Period	25/07/13 → …
Internet address	http://conf.laas.fr/SAFECOMP2013/

Keywords

car-to-X communications
memory errors
HW virtualization
Cross-compilation

Cite this

Marco, H., Ruiz, J. C., de Andrés, D., & Ripoll, I. (2013). Preventing memory errors in networked vehicle services through diversification. In F. Bitsch, J. Guiochet, & M. Kaâniche (Eds.), Computer Safety, Reliability, and Security: 32nd International Conference, SAFECOMP 2013, Toulouse, France, September 14-27, 2013, Proceedings (Vol. 8153, pp. 1-6). (Programming and Software Engineering). Springer-Verlag Berlin Heidelberg GmbH.

Marco, Hector ; Ruiz, Juan Carlos ; de Andrés, David et al. / Preventing memory errors in networked vehicle services through diversification. Computer Safety, Reliability, and Security: 32nd International Conference, SAFECOMP 2013, Toulouse, France, September 14-27, 2013, Proceedings. editor / Friedemann Bitsch ; Jérémie Guiochet ; Mohamed Kaâniche. Vol. 8153 Springer-Verlag Berlin Heidelberg GmbH, 2013. pp. 1-6 (Programming and Software Engineering).

@inbook{f68782827efe4dbd9e628dbb7bb9bdf8,

title = "Preventing memory errors in networked vehicle services through diversification",

abstract = "Car-to-X communication stands for the communication of different vehicles (vehicle-to-vehicle) as well as for the communication of vehicles and infrastructure (vehicle-to-infrastructure). The development of these technologies promotes the emergence of new car infotainment and telematic services of added value for users. The side effect is the exposure of vehicles to a number of new threats, such as memory errors. Among other consequences, the exploitation of memory errors may lead to code-reuse attacks, where intruders reuse existing non-maliciouscode with malicious purposes, such as gaining complete car control. Since memory error exploits usually rely on highly specific processor characteristics, the same exploit rarely works on dfferent hardware architectures. This paper proposes a strategy to thwart memory error exploitation by combining the diversification of HW through processor emulation with the creation of Service variants using offthe-shelf cross-compilation suites.",

keywords = "car-to-X communications, memory errors, HW virtualization, Cross-compilation",

author = "Hector Marco and Ruiz, {Juan Carlos} and {de Andr{\'e}s}, David and Ismael Ripoll",

year = "2013",

language = "English",

isbn = "9783642407925",

volume = "8153",

series = "Programming and Software Engineering",

publisher = "Springer-Verlag Berlin Heidelberg GmbH",

pages = "1--6",

editor = "Friedemann Bitsch and J{\'e}r{\'e}mie Guiochet and Mohamed Ka{\^a}niche",

booktitle = "Computer Safety, Reliability, and Security",

address = "Germany",

note = "SAFECOMP - Workshop CARS ; Conference date: 25-07-2013",

url = "http://conf.laas.fr/SAFECOMP2013/",

}

Marco, H, Ruiz, JC, de Andrés, D & Ripoll, I 2013, Preventing memory errors in networked vehicle services through diversification. in F Bitsch, J Guiochet & M Kaâniche (eds), Computer Safety, Reliability, and Security: 32nd International Conference, SAFECOMP 2013, Toulouse, France, September 14-27, 2013, Proceedings. vol. 8153, Programming and Software Engineering, Springer-Verlag Berlin Heidelberg GmbH, pp. 1-6, SAFECOMP - Workshop CARS, Toulouse, France, 25/07/13.

Preventing memory errors in networked vehicle services through diversification. / Marco, Hector; Ruiz, Juan Carlos; de Andrés, David et al.
Computer Safety, Reliability, and Security: 32nd International Conference, SAFECOMP 2013, Toulouse, France, September 14-27, 2013, Proceedings. ed. / Friedemann Bitsch; Jérémie Guiochet; Mohamed Kaâniche. Vol. 8153 Springer-Verlag Berlin Heidelberg GmbH, 2013. p. 1-6 (Programming and Software Engineering).

Research output: Chapter in Book/Report/Conference proceeding › Chapter › peer-review

TY - CHAP

T1 - Preventing memory errors in networked vehicle services through diversification

AU - Marco, Hector

AU - Ruiz, Juan Carlos

AU - de Andrés, David

AU - Ripoll, Ismael

PY - 2013

Y1 - 2013

N2 - Car-to-X communication stands for the communication of different vehicles (vehicle-to-vehicle) as well as for the communication of vehicles and infrastructure (vehicle-to-infrastructure). The development of these technologies promotes the emergence of new car infotainment and telematic services of added value for users. The side effect is the exposure of vehicles to a number of new threats, such as memory errors. Among other consequences, the exploitation of memory errors may lead to code-reuse attacks, where intruders reuse existing non-maliciouscode with malicious purposes, such as gaining complete car control. Since memory error exploits usually rely on highly specific processor characteristics, the same exploit rarely works on dfferent hardware architectures. This paper proposes a strategy to thwart memory error exploitation by combining the diversification of HW through processor emulation with the creation of Service variants using offthe-shelf cross-compilation suites.

AB - Car-to-X communication stands for the communication of different vehicles (vehicle-to-vehicle) as well as for the communication of vehicles and infrastructure (vehicle-to-infrastructure). The development of these technologies promotes the emergence of new car infotainment and telematic services of added value for users. The side effect is the exposure of vehicles to a number of new threats, such as memory errors. Among other consequences, the exploitation of memory errors may lead to code-reuse attacks, where intruders reuse existing non-maliciouscode with malicious purposes, such as gaining complete car control. Since memory error exploits usually rely on highly specific processor characteristics, the same exploit rarely works on dfferent hardware architectures. This paper proposes a strategy to thwart memory error exploitation by combining the diversification of HW through processor emulation with the creation of Service variants using offthe-shelf cross-compilation suites.

KW - car-to-X communications

KW - memory errors

KW - HW virtualization

KW - Cross-compilation

M3 - Chapter

SN - 9783642407925

VL - 8153

T3 - Programming and Software Engineering

SP - 1

EP - 6

BT - Computer Safety, Reliability, and Security

A2 - Bitsch, Friedemann

A2 - Guiochet, Jérémie

A2 - Kaâniche, Mohamed

PB - Springer-Verlag Berlin Heidelberg GmbH

T2 - SAFECOMP - Workshop CARS

Y2 - 25 July 2013

ER -

Marco H, Ruiz JC, de Andrés D, Ripoll I. Preventing memory errors in networked vehicle services through diversification. In Bitsch F, Guiochet J, Kaâniche M, editors, Computer Safety, Reliability, and Security: 32nd International Conference, SAFECOMP 2013, Toulouse, France, September 14-27, 2013, Proceedings. Vol. 8153. Springer-Verlag Berlin Heidelberg GmbH. 2013. p. 1-6. (Programming and Software Engineering).

Preventing memory errors in networked vehicle services through diversification

Abstract

Publication series

Workshop

Keywords

Fingerprint

Cite this