12-01, 22:30–23:00 (Europe/Berlin), Main Stage
With its rich feature set, regular release cycle cadence, and adoption into silicon vendors’ board support packages, it is no wonder that the Open Source Das U-Boot bootloader has become so ubiquitous throughout products spanning a breadth of application domains. However, much of what makes U-Boot so helpful to embedded systems engineers can be a double-edged sword; permissive functionality and readily available reference configurations represent a form of “security debt” that must be paid off by the engineering teams integrating U-Boot into their product. In both public research and private security assessments, it is commonly found that devices are vulnerable to abuse as a result of product vendors failing to invest adequate time and effort into securing their U-Boot configurations and customizations.
This talk will describe common security failure patterns observed during security assessments of products using U-Boot, introduce NCC Group’s “Depthcharge” toolkit built to support U-Boot security auditing, and present its new functionality that is aimed at providing engineering teams with a means to avoid inadvertent inclusion of functionality that may be an ill-fit for their specific security objectives. At a higher level, this talk aims to foster discussions about how we call all help ensure that product development teams customize, configure, and deploy U-Boot more securely, such that end users remain safe.
Jon Szymaniak is Principal Security Consultant in NCC Group’s Hardware & Embedded Security Services practice and is a former embedded systems software engineer. Since joining NCC Group in 2016, Jon has conducted security assessments for a myriad of targets systems, including BMCs, automotive ECUs, Android-based platforms, “smart home” products, and boot ROMs. He is the developer and maintainer of NCC Group’s “Depthcharge” project. His areas of professional focus and personal passion include U-Boot, Linux, Yocto, and firmware reverse engineering.