Effectively Sanitizing Embedded Operating Systems
Published in 2024 61st ACM/IEEE Design Automation Conference (DAC), 2024
Recommended citation: Jianzhong Liu, Yuheng Shen, Yiru Xu, and Yu Jiang. 2024. Effectively Sanitizing Embedded Operating Systems. In Proceedings of the 2024 61st ACM/IEEE Design Automation Conference (DAC). http://www.wingtecher.com/themes/WingTecherResearch/assets/papers/paper_from_24/embsan_DAC24.pdf
Embedded operating systems, despite their widespread use in security-critical applications, are not effectively tested with sanitizers to root out bugs. Sanitizers provide a means to detect bugs that are not directly visible through exceptional or erroneous behaviors, thus uncovering more potent bugs during testing. In this paper, we propose EmbSan, an embedded systems sanitizer for a diverse range of embedded operating system firmware through the use of dynamic instrumentation of sanitizer facilities and de-coupled on-host runtime libraries. This allows us to perform sanitization for multiple embedded OSs during fuzzing, such as many Embedded Linux-based firmware images and various FreeRTOS firmware images, and to detect actual bugs within them. We evaluated EmbSan’s effectiveness on firmware images based on Embedded Linux, FreeRTOS, LiteOS, and VxWorks. Our results show that EmbSan can detect the same criteria of actual bugs found in the Embedded Linux kernel as reference implementations of KASAN, and exhibits a slowdown of 2.2× to 3.2× and 5.2× to 5.7× for KASAN and KCSAN, respectively, which is on par with established kernel sanitizers. EmbSan and embedded OS fuzzers also found a total of 41 new bugs in Embedded Linux, FreeRTOS, LiteOS, and VxWorks.