Hardening techniques help device connectivity
Technologies for advanced software hardening have recently been developed by GrammaTech. Most devices on the market today were not designed to support the high levels of connectivity, access and remote operations of today’s IoT systems.
However, GrammaTech’s software hardening tools and techniques complement the company’s static analysis products and services, helping teams to develop resilient software and minimise risks of security breaches and other failures.
Today’s connected economy depends on interconnected, always-on cyber physical devices to power cities, homes and transportation. Unfortunately, these systems are common targets of malicious cyber attacks, creating an ever-increasing set of failures and breaches in the field. To solve this global issue, GrammaTech’s software hardening research is advancing technology for protecting embedded device software:
- Static techniques - binary analysis, transformation and rewriting
Static hardening allows development and operations teams to analyse, patch and deploy binary executables, removing potentially hazardous vulnerabilities. To augment applications with extra safeguards, development teams can transform their binaries prior to deployment with techniques such as confinement - which allows an application to detect an attack, confine the malicious activity and continue to operate safely; and diversification - a technique of altering code and memory layout to prevent potential exploits, building resiliency and allowing systems to operate longer and run more safely and reliably. - Dynamic techniques - run-time monitoring
With the increasing need for heightened security, Run-time Application Self-Protection (RASP) techniques are starting to be deployed within IT and mobile applications. Unfortunately, these first generation technologies are incompatible with embedded and machine-to-machine (M2M) software due to the incurred performance overhead.
Working with research sponsors and commercial pilot customers, including efforts for DARPA’s Cyber Grand Challenge, GrammaTech is advancing these technologies for embedded use. GrammaTech’s run-time monitors provide devices with basic forms of self-awareness, allowing systems to detect deviations from expected behaviours and respond to attacks by raising alerts, initiating recovery processes or shutting down altogether to protect critical data.
GrammaTech’s software hardening technologies will support existing solutions that help commercial customers achieve successful levels of reliability, safety and security. GrammaTech’s aim is to create new products that can easily be used by embedded engineering teams worldwide. These new software hardening technologies will allow teams to fix identified vulnerabilities, while adding security safeguards for the ‘unknowns’ their devices will encounter once deployed - thus advancing their software’s resiliency.
“Today’s computing ecosystems are under constant threat, and system attacks are an unfortunate fact of life,” said Dr David Melski, VP of Research at GrammaTech. “Rigorous analysis and hardening techniques can make the difference between surviving or succumbing to an attack. Software hardening is increasingly important for safe and secure operation.”