Dynamic Devices

Applying DSbD to protect Linux systems from exploitation by hackers

Overview

Dynamic Devices has been working in embedded systems and IoT for over twenty years, and for their team, participation in the DSbD programme has been a logical step in staying at the forefront of securing IoT devices.

The Dynamic Devices team attended the Digital Catapult event ‘Is the future for secure computer systems open source?’ in June 2022, where the keynote speaker was Bruce Perens, one of the founders of the open source movement. Through this event, they became involved in DSbD’s Technology Access Programme (TAP), which is run by Digital Catapult.

Making Linux CHERI support accessible

The Morello evaluation board designed by Arm is a real-world test platform for the CHERI architecture developed by the University of Cambridge. It is the first hardware implementation of DSbD technology, and could eliminate whole classes of possible exploits, significantly reducing the ability of bad actors to capture user data, take over machines, or shut down critical systems.

Participation in the DSbD TAP gives Dynamic Devices the opportunity to work with the CHERI community – upskilling team members as well as contributing to embedded security.

Dynamic Devices has been engaging with the teams from Arm and Cambridge University on building firmware to support CHERI through CheriBSD and Android operating systems. The company has been working on building and supporting embedded Linux using the Yocto meta-distribution toolchain, so that CHERI support can be brought to the wider embedded Linux ecosystem. It has also been designing an operating system image that demonstrates how CHERI protects Linux systems against exploitation by hackers.

The aim is to produce a straightforward procedure that enables a new user to build a CHERI image and examples for a Morello board, or run an image on the standard Yocto QEMU emulator if hardware is unavailable.

Many device vendors are using a form of embedded Linux in their embedded and IoT devices. The Dynamic Devices team recognises that having hardware that can protect against a major set of attack vectors, such as memory overflow exploits, can be hugely beneficial. Playing a part in opening up CHERI support to the wider embedded Linux community will help them to secure the embedded space.

“Much of our current work with embedded Linux is supporting computing at the edge, for example with 5G, and this requires containerisation. So, to learn that CHERI can potentially be a major contributor to securing and optimising the performance of containers at the edge is an extremely exciting development for us.”

Alex J Lennon, Dynamic Devices founder

About Dynamic Devices

Dynamic Devices provides a range of embedded and Internet of Things (IoT) integration services, supporting their clients from concept and prototyping to post-sale platform support.

https://www.dynamicdevices.co.uk

Delivered by Digital Catapult, funded by UKRI through the Digital Security by Design programme.