Commit 3a68130b authored by FKHals

Add expose
# Low-power IoT system software
This repository tracks the progress of the report on low-power IoT system software in a security context.
\documentclass[conference]{IEEEtran}
\IEEEoverridecommandlockouts
% The preceding line is only needed to identify funding in the first footnote. If that is unneeded, please comment it out.
\usepackage{cite}
\usepackage{amsmath,amssymb,amsfonts}
\usepackage{algorithmic}
\usepackage{graphicx}
\usepackage{textcomp}
\usepackage{xcolor}
\def\BibTeX{{\rm B\kern-.05em{\sc i\kern-.025em b}\kern-.08em
T\kern-.1667em\lower.7ex\hbox{E}\kern-.125emX}}
\begin{document}
\title{Securing low-power IoT system software}
\author{\IEEEauthorblockN{Felix Korthals}
\IEEEauthorblockA{\textit{FU Berlin} \\
Berlin, Germany \\
felix.korthals@live.de}
}
\maketitle
\section{Exposé}
The goal of this report is to answer how low-power IoT system software can ensure security properties (confidentiality, integrity, availability) under the constraints of memory space, processing power, power budget and missing hardware components.
Such properties concern, for example, the isolation between different processes or the integrity of a program's control flow.
Memory protection in particular is harder on IoT devices because the hardware often lacks a Memory Management Unit (MMU): without hardware-assisted virtual addressing all processes and the kernel share one flat physical address space, so a single out-of-bounds write in one component can corrupt any other component unless something else enforces the boundaries.
So far I have identified several (non-exhaustive) approaches for enhancing system software security, which are not mutually exclusive:
\begin{itemize}
\item Using additional memory protection hardware (e.g. the Memory Protection Unit (MPU) of ARM Cortex-M cores) to retrofit isolation onto existing/conventional system software (see \cite{b1}, \cite{b2})
\item Using a (mostly) memory- and type-safe programming language for novel system software (see \cite{b4}, \cite{b9})
\item Using a security-focused system architecture in novel system software (e.g. ``capsules'' in Tock OS \cite{b4})
\item Using formal methods to verify the code of the system software against a specification (see seL4 \cite{b10})
\end{itemize}
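To make the first approach concrete, the following is an added illustration (not code from this report, RIOT, Tock or ARM): a software model of an ARMv7-M style MPU that applies the real hardware's rules (at most eight regions, power-of-two sizes of at least 32 bytes, base aligned to the size, highest-numbered overlapping region wins, background accesses fault unless privileged with PRIVDEFENA). The memory layout, region numbers and the task-mode copy with an attacker-chosen length are made-up example values; the model leaves out the execute-never bit and subregion disable masks.

```c
/* Added illustration (not code from the report, RIOT, Tock or ARM): a software model of an
 * ARMv7-M style MPU, to show what region-based protection can and cannot do on an MMU-less
 * microcontroller. Addresses and the region layout below are made-up example values. */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define MPU_MAX_REGIONS 8          /* Cortex-M3/M4/M7 implement at most 8 regions */

/* Access permissions, following the meaning of the ARMv7-M AP field (XN is not modelled). */
enum ap {
    AP_NO_ACCESS,          /* nobody */
    AP_PRIV_RW,            /* kernel RW, task none */
    AP_PRIV_RW_UNPRIV_RO,  /* kernel RW, task RO */
    AP_FULL_RW,            /* kernel RW, task RW */
    AP_PRIV_RO,            /* kernel RO, task none */
    AP_RO                  /* kernel RO, task RO */
};

struct region {
    bool enabled;
    uint32_t base;         /* naturally aligned to the region size */
    uint8_t size_log2;     /* size = 2^size_log2 bytes; ARMv7-M minimum is 32 bytes */
    enum ap ap;
};

struct mpu {
    struct region regions[MPU_MAX_REGIONS];
    bool priv_default_map; /* PRIVDEFENA: privileged code may touch memory outside all regions */
};

/* Program one region. Rejects what real hardware rejects: out-of-range index,
 * size below 32 bytes, base not aligned to the size. */
bool mpu_set_region(struct mpu *m, unsigned idx, uint32_t base, uint8_t size_log2, enum ap ap)
{
    if (idx >= MPU_MAX_REGIONS || size_log2 < 5 || size_log2 > 32) return false;
    uint32_t mask = (size_log2 == 32) ? 0xFFFFFFFFu : ((1u << size_log2) - 1u);
    if (base & mask) return false;
    m->regions[idx] = (struct region){ true, base, size_log2, ap };
    return true;
}

static bool region_contains(const struct region *r, uint32_t addr)
{
    if (!r->enabled) return false;
    if (r->size_log2 == 32) return true;
    return (addr - r->base) < (1u << r->size_log2);   /* unsigned wrap handles addr < base */
}

static bool ap_allows(enum ap ap, bool privileged, bool write)
{
    switch (ap) {
    case AP_NO_ACCESS:         return false;
    case AP_PRIV_RW:           return privileged;
    case AP_PRIV_RW_UNPRIV_RO: return privileged || !write;
    case AP_FULL_RW:           return true;
    case AP_PRIV_RO:           return privileged && !write;
    case AP_RO:                return !write;
    }
    return false;
}

/* One access check. ARMv7-M rule: among overlapping regions the highest-numbered enabled one
 * decides; an address in no region faults unless the access is privileged and PRIVDEFENA is set. */
bool mpu_access_allowed(const struct mpu *m, uint32_t addr, bool privileged, bool write)
{
    for (int i = MPU_MAX_REGIONS - 1; i >= 0; --i)
        if (region_contains(&m->regions[i], addr))
            return ap_allows(m->regions[i].ap, privileged, write);
    return privileged && m->priv_default_map;
}

/* Model of a task-mode copy with an attacker-chosen length: writes byte by byte from `start`
 * and returns how many bytes land before the first MPU fault (len if none). */
uint32_t simulate_unpriv_write(const struct mpu *m, uint32_t start, uint32_t len)
{
    for (uint32_t i = 0; i < len; ++i)
        if (!mpu_access_allowed(m, start + i, false, true)) return i;
    return len;
}

/* Example layout (made up): kernel data in the first 4 KiB of SRAM, one task's 1 KiB stack
 * directly above it, firmware in flash mapped read-only for everyone. */
const struct mpu *demo_mpu(void)
{
    static struct mpu m;
    static bool ready;
    if (!ready) {
        m.priv_default_map = true;
        mpu_set_region(&m, 0, 0x20000000u, 12, AP_PRIV_RW);   /* kernel data, 4 KiB */
        mpu_set_region(&m, 1, 0x20001000u, 10, AP_FULL_RW);   /* task stack, 1 KiB  */
        mpu_set_region(&m, 2, 0x08000000u, 20, AP_RO);        /* flash, 1 MiB       */
        ready = true;
    }
    return &m;
}

int main(void)
{
    const struct mpu *m = demo_mpu();
    printf("task wrote %u bytes before the MPU faulted\n",
           (unsigned)simulate_unpriv_write(m, 0x20001000u, 2048));
    printf("task write to kernel data allowed: %d\n", mpu_access_allowed(m, 0x20000FF0u, false, true));
    printf("kernel write to kernel data allowed: %d\n", mpu_access_allowed(m, 0x20000FF0u, true, true));
    return 0;
}
```

The model shows the limit of this approach as well as its benefit: the overlong copy is stopped at the end of the task's 1 KiB region, so kernel data and other tasks survive, but the first 1024 bytes, including any return address saved on that same stack, are overwritten without objection. An MPU confines a corrupted task; it does not by itself protect the task's own control flow, which is where the safe-language and verification approaches come in.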
\subsection{Course of action}
I need to investigate how exactly the IoT system software can ensure the security guarantees and how well that works in the field. For answering this question either additional research papers or maybe even CVE records (``Common Vulnerabilities and Exposures'') might be relevant sources.
Further, I need to decide which of the system software I want to take as the example for the deep-dive. This will most probably depend on the resources (especially papers) that are available for the software and on the security considerations that have been applied (to satisfy the security-focused topic of the seminar). Especially concerning RIOT OS I have not yet found information that specifically covers security properties, but further investigation is needed.
For the final prospects further investigation is needed.
\subsection{Tentative structure}
\begin{itemize}
\item Motivation
\begin{itemize}
\item Why securing IoT system software is difficult
\item Attack vectors on IoT system software
\begin{itemize}
\item Short example, e.g. Return address corruption on the stack
\end{itemize}
\end{itemize}
\item Approaches
\begin{itemize}
\item memory protection hardware
\item safe languages
\item formal verification
\end{itemize}
\item Implementations
\begin{itemize}
\item Overview: Selection of low-power IoT system software (coverage)
\item Concrete example(s): RIOT OS/Tock OS/Contiki/...? (yet to be decided)
\end{itemize}
\item Evaluation
\begin{itemize}
\item Do the security guarantees hold in the examined system(s)?
\item Drawbacks (What does not work, Performance Overhead, etc.)
\end{itemize}
\item Prospects
\end{itemize}
Note that most of the headings in this structure will have to be renamed to be more concise; this verbose form tries to describe more directly what I am trying to achieve in each chapter.
\begin{thebibliography}{00}
\subsection*{\upshape Given Sources:}
\bibitem{b1} R. Strackx, F. Piessens, and B. Preneel, ``Efficient Isolation of Trusted Subsystems in Embedded Systems,'' in Security and Privacy in Communication Networks (SecureComm 2010), LNICST vol. 50, pp. 344-361, 2010, doi: 10.1007/978-3-642-16161-2\_20.
\bibitem{b2} J. T. Mühlberg, J. Noorman, and F. Piessens, ``Lightweight and Flexible Trust Assessment Modules for the Internet of Things,'' in Computer Security -- ESORICS 2015, G. Pernul, P. Y A Ryan, and E. Weippl (eds), LNCS vol. 9326, Springer, Cham, 2015, doi: 10.1007/978-3-319-24174-6\_26.
\bibitem{b3} E. Baccelli et al., ``RIOT: An Open Source Operating System for Low-End Embedded Devices in the IoT,'' in IEEE Internet of Things Journal, vol. 5, no. 6, pp. 4428-4440, Dec. 2018, doi: 10.1109/JIOT.2018.2815038.
\bibitem{b4} A. Levy, B. Campbell, B. Ghena, D. Giffin, P. Pannuto, P. Dutta, and P. Levis, ``Multiprogramming a 64kB Computer Safely and Efficiently,'' in Proc. 26th Symposium on Operating Systems Principles (SOSP '17), pp. 234-251, 2017, doi: 10.1145/3132747.3132786.
\bibitem{b5} Ú. Erlingsson, ``Low-Level Software Security: Attacks and Defenses,'' in Foundations of Security Analysis and Design IV (FOSAD 2006/2007), LNCS vol. 4677, pp. 92-134, 2007, doi: 10.1007/978-3-540-74810-6\_4.
\bibitem{b6} R. de Clercq, F. Piessens, D. Schellekens, and I. Verbauwhede, ``Secure interrupts on low-end microcontrollers,'' in Proc. IEEE Int. Conf. on Application-Specific Systems, Architectures and Processors (ASAP 2014), pp. 147-152, 2014, doi: 10.1109/ASAP.2014.6868649.
\bibitem{b7} A. Dunkels, B. Gronvall, and T. Voigt, ``Contiki - a lightweight and flexible operating system for tiny networked sensors,'' in Proc. 29th Annual IEEE International Conference on Local Computer Networks, pp. 455-462, 2004, doi: 10.1109/LCN.2004.38.
\bibitem{b8} G. Banegas, K. Zandberg, A. Herrmann, E. Baccelli, and B. Smith, ``Quantum-Resistant Security for Software Updates on Low-power Networked Embedded Devices,'' 2021.
\bibitem{b9} A. Levy, B. Campbell, B. Ghena, P. Pannuto, P. Dutta, and P. Levis, ``The Case for Writing a Kernel in Rust,'' in Proc. 8th Asia-Pacific Workshop on Systems (APSys '17), ACM, New York, NY, USA, Article 1, pp. 1-7, 2017, doi: 10.1145/3124680.3124717.
\bibitem{b10} G. Klein, J. Andronick, K. Elphinstone, G. Heiser, D. Cock, P. Derrin, D. Elkaduwe, K. Engelhardt, R. Kolanski, M. Norrish, T. Sewell, H. Tuch, and S. Winwood, ``seL4: formal verification of an operating-system kernel,'' Commun. ACM, vol. 53, no. 6, pp. 107-115, June 2010, doi: 10.1145/1743546.1743574.
\end{thebibliography}
\vspace{12pt}
\section{Open questions}
\begin{enumerate}
\item Initially your proposal was just ``Low-power IoT system software'', but I thought that may implicitly include the security context (considering the course title). Is the additional security focus desired?
\item Is it a good idea to show some attack vectors on IoT system software as a motivation for the reader (without going into details), or is that too specific to be of value and should be omitted?
\item Are there other aspects/approaches that I may have overlooked and that need to be discussed in the report?
\item Should I focus on one of the approaches more than on the others (considering e.g. overlaps with the work of other students and the focus of the course)?
\end{enumerate}
\end{document}
# template for IEEE from [here](https://www.ieee.org/conferences/publishing/templates.html)
LATEX=pdflatex
.PHONY: all pdf clean
all: pdf
# Two passes so that \cite numbers resolve; the bibliography is inline (thebibliography),
# so no BibTeX run is needed. Loop instead of "$(LATEX) *.tex", which only works for a single file.
pdf:
	for f in *.tex; do $(LATEX) $$f && $(LATEX) $$f; done
clean:
	rm -f *.aux *.log *.out