Ghost in the Machine: Challenges in Embedded Binary Security

Monday, January 30, 2017 - 1:00pm–1:30pm

Jos Wetzels, Distributed and Embedded System Security (DIES) Group, University of Twente, Netherlands


Embedded systems are everywhere, from consumer electronics to critical infrastructure, vehicles, airplanes and military equipment. Yet public attention to security of embedded systems is relatively recent compared to that of the general purpose world. Combined with its polyculture of hardware architectures and operating systems and the proprietary and restricted nature of many systems and protocols, this has led to an opaque security landscape for both researchers and developers.

As a result embedded binary security generally lags behind what is commonly expected of modern general purpose systems. Hardening embedded systems via adoption of modern exploitation mitigations isn't, however, a trivial endeavor due to the many challenges and intrinsic constraints imposed by embedded environments. If we take into consideration the dominance of unsafe languages and the fact that patch deployment is far more involved on these systems, this is all the more reason for concern.

In this talk we will delve into the embedded ecosystem, present an overview of the state of embedded binary security and outline some of the challenges faced in the adoption of modern exploit mitigations, drawing upon our experiences during security research conducted into popular embedded OSes and our involvement in developing such mitigations for Industrial Control Systems.

Jos Wetzels, Distributed and Embedded System Security (DIES) Group, University of Twente

Jos Wetzels is a Research Assistant with the Distributed and Embedded System Security (DIES) Group at the University of Twente. He currently works on projects aimed at hardening embedded systems used in critical infrastructure, where he focuses on binary security in general and exploit development and mitigation in particular, and has been involved in research regarding on-the-fly detection and containment of unknown malware and Advanced Persistent Threats. He has assisted teaching hands-on offensive security classes for graduate students at the Dutch Kerckhoffs Institute for several years.

Open Access Media

USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.

@conference {202291,
author = {Jos Wetzels},
title = {Ghost in the Machine: Challenges in Embedded Binary Security},
year = {2017},
address = {Oakland, CA},
publisher = {{USENIX} Association},
month = jan,

Presentation Video