Home >

Partitioning for Security

David Moore - Watch Now - Duration: 34:07

Partitioning for Security
David Moore
A typical embedded system has no security structure. If a hacker breaks in anywhere he has access everywhere — to the keys, critical data, and everything. Secure coding is a great thing to do, but it only takes a single flaw to compromise the whole system, and on a system with thousands of lines of code, it could take a long time to find and fix all problems. It’s a never ending battle because new exploits are conceived continually. Partitioning greatly limits the scope of an intrusion and allows focusing secure coding efforts on the most critical partitions. This talk focuses on use of the Cortex-M Memory Protection Unit to partition the application and RTOS for security. After introducing the MPU and partitioning briefly, it discusses novel techniques at a fairly detailed level. It shows the mechanics with code and build file snippets.
italicssurround text with
boldsurround text with
**two asterisks**
or just a bare URL
surround text with
strikethroughsurround text with
~~two tilde characters~~
prefix with

Score: 0 | 2 months ago | 1 reply

Thank you for your talk - I am programming ARM Cortex-M3 and Cortex-M4 and earlier I was skipping MPU part of the hardware in PDF chip documentation because it was relatively short.

Score: 0 | 2 months ago | 1 reply

Thanks for watching. The chip manuals usually don't cover the MPU because it is defined by ARM in their docs. You can find them easily with Google and download the PDFs:
v7: "arm 0403e" and see section B3.5 Protected Memory System Architecture, PMSAv7
v8: "arm 100699"
Even better is to get Joseph Yiu's book The Definitive Guide to the ARM Cortex-M3 and Cortex-M4. It's the reference standard for the Cortex-M processors.

Score: 0 | 2 months ago | no reply

Thank you! Quick search and I found "ARM DDI 0403E.b" document with B3.5 section.

Score: 1 | 2 months ago | 1 reply

A mouse pointer would have helped to understand what you are talking about.

Score: 0 | 2 months ago | no reply

I agree, especially for the code snippets and tool output that would have been helpful. Thanks for your suggestion!