Automotive Security. Community Driven - Now Online
The Automotive Security Research Group Pittsburgh (ASRG-PIT) is a non-profit initiative to promote the development of security solutions for automotive products.
GOALS: - Research projects on publicly available vehicles, infrastructure and supporting backend systems. - Information sharing concerning existing automotive security problems, solutions, products and technology. - Create meaningful results to be shared with the public in a controlled manner. - Create a community of shared resources and networking.
Join us for our upcoming ASRG-WORLD LiveStream, the global online (COVID19 Approved) version of ASRG. This time we have the pleasure of hosting Alfie Eskandari (Embedded Software Engineer). In this presentation we review some concepts regarding secure boot on an i.MX6 processor including security architecture, code signing concept, PKI, image signing / encryption and authentication / decryption processes. We will see a reference implementation and use Ghidra for reverse engineering in order to verify the functionality of authenticated / encrypted boot.
ABSTRACT: In the context of this webinar, we learn how a chain of trust can be established on an Embedded Linux Platform. We review some concepts regarding secure boot on NXP i.MX6 processor including security architecture, code signing concept and architecture, PKI tree, image signing/encryption and authentication/decryption processes. There are some security vulnerabilities discussed related to i.MX application processors and U-Boot. Eventually, we see a reference implementation and demo on an i.MX6 dual core ARM Cortex-A9 platform establishing chain of trust through authenticated boot including U-Boot and FIT image (Linux kernel, Device tree blob, Rootfs on ramdisk) and extending the chain of trust to support encrypted boot and storage encryption. We also use Ghidra reverse engineering tool to do some simple manipulations of the U-Boot and Linux kernel binary images in order to verify the functionality of authenticated/encrypted boot.
ABOUT THE PRESENTER: Alfie Eskandari : Alfie has been working since 2015 as embedded software engineer with the main focus on Linux system programming. He is interested in embedded Linux security and embedded systems security from hardware and as well from software perspective. Alfie received his Master of Science degree in Electronics and Communications Engineering from the Technical University of Munich in 2015 and the Bachelor of Science degree in Electronics Engineering in 2009.