Print Email Facebook Twitter Creating a Configuration Security Layer for Embedded Devices Title Creating a Configuration Security Layer for Embedded Devices: A research-based on the case study of a widely used Embedded Device Author Lazaridis, Lazaros (TU Delft Electrical Engineering, Mathematics and Computer Science) Contributor Hartel, P.H. (mentor) Hernandez Ganan, C. (graduation committee) Nasri, Mitra (graduation committee) Degree granting institution Delft University of Technology Programme Electrical Engineering | Embedded Systems Date 2020 Abstract As software security expert Bruce Schneier argues, the pervasive vulnerability of embedded systems today is structurally similar to the security crisis of PCs in the mid-1990s—only much worse. Embedded devices are ideal malware targets for several reasons. Firstly, Internet-connected devices are inherently more exposed to remote exploitation. Furthermore, embedded systems are notoriously difficult to update, regularly leading to unpatched vulnerabilities. Last but not least, many such devices operate in a mostly unattended fashion, which means that the timely discovery of compromise is unlikely. Hardening is the process of securing a system by reducing its surface of vulnerability. Hardening of the already deployed embedded devices that are connected to the internet is examined in this research. A method capable of automatically generating and enforcing security configuration based on the embedded system’s set of functions has been designed and implemented. The proposed system is dynamic, automatic, and seamless. Hardening level of such devices is measured through recognized security benchmarks. The objective is to harden the product as much as possible while maintaining its full functionality. This study concerns embedded systems using custom Linux-distribution software. The thesis was conducted in cooperation with Atos. OpenScape Business series X (OSBiz X) was used as a case study. OSBiz X is an embedded system used as a telephony center, with more than 150.000 systems already deployed worldwide. Implementing the system described above on OSBiz X significantly increased the hardening-level of the product while its functionality remained intact. Due to the case study’s scenario results, Atos plans to integrate the proposed system into the next version of OSBiz X’s official release. Finally, ongoing research about other internal organization’s products that could greatly benefit from this approach is being conducted. Subject embedded systemsIoThardeningsecurityLinux To reference this document use: http://resolver.tudelft.nl/uuid:9e261c11-e339-4e52-9dde-10d186e4dd89 Embargo date 2021-06-30 Part of collection Student theses Document type master thesis Rights © 2020 Lazaros Lazaridis Files PDF TUDeflt_MasterThesis_Laza ... aridis.pdf 2.39 MB Close viewer /islandora/object/uuid:9e261c11-e339-4e52-9dde-10d186e4dd89/datastream/OBJ/view