Xi Tan and Zheyuan Ma, CactiLab, University at Buffalo; Sandro Pinto, Universidade do Minho; Le Guan, University of Georgia; Ning Zhang, Washington University in St. Louis; Jun Xu, The University of Utah; Zhiqiang Lin, Ohio State University; Hongxin Hu, University at Buffalo; Ziming Zhao, CactiLab, University at Buffalo
Arm Cortex-M processors are the most widely used 32-bit microcontrollers among embedded and Internet-of-Things devices. Despite the widespread usage, there has been little effort in summarizing their hardware security features, characterizing the limitations and vulnerabilities of their hardware and software stack, and systematizing the research on securing these systems. The goals and contributions of this paper are multi-fold. First, we analyze the hardware security limitations and issues of Cortex-M systems. Second, we conducted a deep study of the software stack designed for Cortex-M and revealed its limitations, which is accompanied by an empirical analysis of 1,797 real-world firmware. Third, we categorize the reported bugs in Cortex-M software systems. Finally, we systematize the efforts that aim at securing Cortex-M systems and evaluate them in terms of the protections they offer, runtime performance, required hardware features, etc. Based on the insights, we develop a set of recommendations for the research community and MCU software developers.
Open Access Media
USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.
This content is available to:
author = {Xi Tan and Zheyuan Ma and Sandro Pinto and Le Guan and Ning Zhang and Jun Xu and Zhiqiang Lin and Hongxin Hu and Ziming Zhao},
title = {{SoK}: {Where{\textquoteright}s} the {{\textquotedblleft}up{\textquotedblright}?}! A Comprehensive (bottom-up) Study on the Security of Arm {Cortex-M} Systems},
booktitle = {18th USENIX WOOT Conference on Offensive Technologies (WOOT 24)},
year = {2024},
isbn = {978-1-939133-43-4},
address = {Philadelphia, PA},
pages = {149--169},
url = {https://www.usenix.org/conference/woot24/presentation/tan},
publisher = {USENIX Association},
month = aug
}