Ali Abbasi

A deep dive investigation into Siemens S7 PLCs bootloader and ADONIS Operating System.

Siemens is a leading provider of industrial automation components for critical infrastructures, and their S7 PLC series is one of the most widely used PLCs in the industry. In recent years, Siemens integrated various security measures into their PLCs. This includes, among others, firmware integrity verification at boot time using a separate bootloader code. This code is baked in a separated SPI flash, and its firmware is not accessible via Siemens' website. In this talk, we present our investigation of the code running in the Siemens S7-1200 PLC bootloader and its security implications. Specifically, we will demonstrate that this bootloader, which to the best of our knowledge was running at least on Siemens S7-1200 PLCs since 2013, contains an undocumented "special access feature". This special access feature can be activated when the user sends a specific command via UART within the first half-second of the PLC booting. The special access feature provides functionalities such as limited read and writes to memory at boot time via the UART interface. We discovered that a combination of those protocol features could be exploited to execute arbitrary code in the PLC and dump the entire PLC memory using a cold-boot style attack. With that, this feature can be used to violate the existing security ecosystem established by Siemens. On a positive note, once discovered by the asset owner, this feature can also be used for good, e.g., as a forensic interface for Siemens PLCs. The talk will be accompanied by the demo of our findings.

Other people: Tobias Scharnowski

In this talk we will present a deep-dive analysis of the anatomy of QNX: a proprietary, real-time operating system aimed at the embedded market used in many sensitive and critical systems, particularly within the automotive industry. We will present the first reverse-engineering and analysis of the exploit mitigations, secure random number generators and memory management internals of QNX versions up to and including 6.6 and the brand new 64-bit QNX 7.0 (released in March 2017) and uncover a variety of design issues and vulnerabilities.

QNX is a proprietary, closed-source, Unix-like real-time operating system aimed at the embedded market. It is found in everything from BlackBerry products, carrier-grade routers and medical devices to military radios, UAVs and nuclear powerplants. On top of that, it dominates the automotive market and is found in millions of cars. While some prior security research has discussed QNX, mainly as a byproduct of BlackBerry mobile research, there is no prior work on QNX exploit mitigations or its secure random number generators. This talk seeks to close that gap by presenting the first reverse-engineering and analysis of the exploit mitigations, secure random number generators and memory management internals of QNX. We dissect the NX / DEP, ASLR, Stack Cookies and RELRO mitigations as well as the /dev/random and kernel PRNGs. We subsequently uncover a variety of design issues and vulnerabilities in these mitigations and PRNGs, which have significant implications for the exploitability of memory corruption vulnerabilities on QNX as well as the strength of its cryptographic ecosystem. Finally, we provide information on available patches and hardening measures available to defenders seeking to harden their QNX-based systems against the discussed issues.

Other people: Jos Wetzels

Input/Output is the mechanisms through which embedded systems interact and control the outside world. Particularly when employed in mission critical systems, the I/O of embedded systems has to be both reliable and secure. Embedded system’s I/O is controlled by a pin based approach. In this work, we investigate the security implications of embedded system’s pin control. In particular, we show how an attacker can tamper with the integrity and availability of an embedded system’s I/O by exploiting cerain pin control operations and the lack of hardware interrupts associated to them.

Embedded systems are widely used today in a variety of applications, such as consumer, industrial, automotive, medical, commercial and military. As such, they are often employed in mission critical systems that have to be both reliable and secure. In particular, it is important that their I/O (Input/Output) be stable and secure, as this is the way they interact with the outside world. Digging into their architecture, we know that the I/O interfaces of embedded systems (e.g., GPIO, SCI, USB, etc.), are usually controlled by a so-called System on a Chip (SoC), an integrated circuit that combines multiple I/O interfaces. In turn, the pins in a SoC are managed by a pin controller, a subsystem of SoC, through which one can configure pin multiplexing or the input or output mode of pins. One of the most peculiar aspects of a pin controller is that its behavior is determined by a set of registers: by altering these registers one can change the behavior of the chip in a dramatic way. This feature is exploitable by attackers, who can tamper with the integrity or the availability of legitimate I/O operations, factually changing how an embedded system interacts with the outside world. Based on these observations, in this research, we introduce a novel attack technique against embedded systems, which we call pin control attack. As we will demonstrate in the work, the salient features of this new class of attacks are: First, it is intrinsically stealth. The alteration of the pin configuration does not generate any interrupt, preventing the OS to react to it. Secondly, it is entirely different in execution from traditional techniques such as manipulation of kernel data structures or system call hooking, which are typically monitored by anti-rootkit protection systems. Finally, it is viable. It is possible to build concrete attack using it. To demonstrate these points, we first present and demonstrate the attack capabilities offered by Pin Control attack, together with the minimal requirements for carrying out the attack. We argue that the attack capabilities include blocking the communication with a peripheral, causing physical damage to the peripheral, and manipulating values read or written by legitimate processes. We show how pin control can be exploited both with and without the attacker having kernel-level or root access. To demonstrate the feasibility of our attack technique, we describe the practical implementation of an attack against a Programmable Logic Controller (PLC) environment by exploiting the runtime configuration of the I/O pins used by the PLC to control a physical process. The attack allows one to reliably take control of the physical process normally managed by the PLC, while remaining stealth to both the PLC runtime and operators monitoring the process through a Human Machine Interface, a goal much more challenging than simply disabling the process control capabilities of the PLC, which would anyway lead to potentially catastrophic consequences. The attack does not require modification of the PLC logic or traditional kernel tampering or hooking techniques, which are normally monitored by anti-rootkit tools. We present two variations of the attack implementation. The first implementation allows an extremely reliable manipulation of the process at the cost of requiring root access. The second implementation slightly relaxes the requirement of reliable manipulation while allowing the manipulation to be achieved without root access. Finally, we discuss potential mechanisms to detect/prevent Pin Configuration exploitation. However, because the pin configuration does happen legitimately at runtime and the lack of proper interrupt notifications from the SoC, it seems non-trivial to devise monitoring techniques that are both reliable and sufficiently light way to be employed in embedded systems.

Other people: Majid

Secure random number generators play a crucial role in the wider security ecosystem. In the absence of a dedicated hardware True Random Number Generator (TRNG), computer systems have to resort to a software (cryptographically secure) Pseudo-Random Number Generator (CSPRNG). Since the (secure) design of a CSPRNG is an involved and complicated effort and since randomness is such a security-critical resource, many operating systems provide a CSPRNG as a core system service and many popular security software products assume their presence. The constraints imposed by the embedded world, however, pose a variety of unique challenges to proper OS (CS)PRNG design and implementation which have historically resulted in security failures. In this talk we will discuss these challenges, how they affect the quality of (CS)PRNGs in embedded operating systems and illustrate our arguments by means of the first public analysis of the OS random number generators of several popular embedded operating systems.

Randomness is a fundamental, security-critical resource in the wider security ecosystem utilized by everything from cryptographic software (eg. key and nonce generation) to exploit mitigations (eg. ASLR and stack canary generation). Ideally secure random number generation is done using a dedicated hardware True Random Number Generator (TRNG) collecting entropy from physical processes such as radioactive decay or shot noise. TRNGs, however, are both relatively slow in their provision of random data and often too expensive to integrate in a system which means computer systems have to resort to a software (cryptographically secure) Pseudo-Random Number Generator (CSPRNG). Such a CSPRNG is seeded (both initially and continuously) from a variety of sources of 'true' entropy which are effectively stretched into additional pseudo-random data using cryptographic methods. Since the design and implementation of such CSPRNGs is a complicated and involved effort, many operating systems provide one as a system service (eg. /dev/(u)random on UNIX-like systems) and as a result many security software suites assume their existence. The embedded world, however, poses a variety of unique challenges (resulting from constraints and deployment scenarios, which differ significantly from the general-purpose world) when designing and implementing (CS)PRNGs. Resulting inadequacies in embedded OS random number generators have led to various security failures in the past (from weak cryptographic keys in network devices to broken exploit mitigations in smartphones) emphasizing the need for public scrutiny of their security, especially considering the nature of embedded system deployments (in everything from vehicles and critical infrastructure to networking equipment) and the sheer variety of ebmedded operating systems compared to the general-purpose world. In this talk we will discuss various challenges posed by the embedded world to (CS)PRNG design and implementation and illustrate our arguments by means of the first public analysis of the OS random number generators of several popular embedded operating systems and a discussion of how their flaws related to these previously identified challenges.

Other people: Jos Wetzels