Security Evaluation of MCUS Defenses
Background. Securing embedded systems is becoming increasingly critical as a result of the rapid rise of remote attacks and the explosion of IoT devices. Microcontroller-based systems (MCUS) are particularly vulnerable to control-flow hijacking attacks such as Return-Oriented Programming (ROP) due to their limited resources and use of memory-unsafe languages (e.g., C/C++). Unfortunately, experimental evaluation of MCUS security remains tedious due to the lack of effective tooling and debug support, thus hindering researchers’ efforts to enhance MCUS security.
Aim. This talk aims to achieve two goals. First, to highlight the need for a benchmark and evaluation framework for IoT systems and to introduce our BenchIoT as a first step toward filling this gap. Second, we will discuss two case studies of evaluating the security guarantees and performance of MCUS. The first case study will discuss using BenchIoT to evaluate different defenses using the same benchmarks and evaluation metrics. For the second case study, we will use µRAI, a compiler-based mitigation that prevents ROP-style attacks on MCUS without incurring high runtime overhead or requiring special hardware features that are not commonly available on MCUS.
Method. To achieve the aforementioned goals, we first explore the high-level issues of MCUS security and the evaluation process. Next, we study the design of BenchIoT, a benchmark suite and an evaluation framework that enables comparable evaluation of MCUS defenses. We demonstrate how BenchIoT is used to evaluate and compare three defense mechanisms across 14 metrics covering security, performance, memory, and energy. Afterwards, we discuss how µRAI was integrated with the BenchIoT evaluation framework to automate collecting the runtime and memory results. Finally, we discuss how to integrate backend LLVM passes with a runtime monitor to collect customized dynamic measurements, thus overcoming the limitations of the underlying hardware (e.g., limited number of breakpoints).
Results and Conclusion. Our results indicate that BenchIoT enables comparable and automated evaluation of MCUS security defense mechanisms. Integrating µRAI with the BenchIoT evaluation framework enabled automating large parts of the evaluation process. We believe leveraging such tools can simplify the evaluation process for MCUS security researchers.
Naif Saleh Almakhdhub is a PhD candidate in the ECE department at Purdue University, where he is advised by Mathias Payer and Saurabh Bagchi. His research focuses on protecting software against control-flow hijacking attacks, with an emphasis on applying these protections to embedded and IoT systems.
N. S. Almakhdhub, A. A. Clements, M. Payer, and S. Bagchi, “BenchIoT: A security benchmark for the internet of things,” in 2019 49th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN). IEEE, 2019, pp. 234–246.
N. S. Almakhdhub, A. A. Clements, S. Bagchi, and M. Payer, “µRAI: Securing embedded systems with return address integrity,” in Network and Distributed Systems Security Symp. (NDSS), 2020.