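This post introduces the types of embedded systems.
Knowing the type of an embedded system is useful from a vulnerability analysis perspective.
In particular, vulnerability analysis tools are sometimes proposed for one specific type.
A system that uses a general OS is type1,
one that uses a custom embedded OS is type2,
and an embedded system with no OS is type3.
The content below quotes how each paper classifies the various kinds of embedded systems.
You can see that papers on embedded system vulnerabilities classify embedded systems into three types.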
Type-1 systems use general purpose OSs retrofitted for embedded systems; Type-2 systems use custom embedded OSs; and Type-3 systems do not use OS abstractions at all.
SoK: Enabling Security Analyses of Embedded Systems via Rehosting
General Purpose Embedded Systems (GPES): Also known as Type 1 embedded system, use a general-purpose operating system that is primarily used on servers and desktop systems. Examples include real-time Linux, embedded Windows, and Raspberry Pi. The operating systems are retrofitted for the embedded space but retain many desktop level features, but with stripped down components, and are coupled with lightweight user space environments such as busybox or uClibc. Tools such as Firmadyne and CostinFA require the embedded system they work on to be Linux based systems and will only work on this type of system. Emulating these types of systems greatly benefits from the work done to enable emulation of desktop software and operating systems (e.g., QEMU directly supports emulating the Linux Kernel).
Special Purpose Embedded System (SPES): Type 2 devices from Reference [113] use operating systems specifically developed for embedded systems. They are often commercial products and closed source. Examples include μClinux, ZephyrOS, and VxWorks. These systems are usually single-purpose electronics or control systems. Some of the features that distinguish these systems are that the OS and applications may be compiled separately and the system is not derived from a desktop operating system. Thus, many emulation techniques from the desktop space do not work, and emulation must start from scratch. Re-hosting these systems requires re-hosting both the kernel and user space. Also adding to the challenge of emulating these systems is the fact that the separation between the Kernel and user space is often blurred.
Bare-metal Embedded Systems (BMES): Type 3 devices are embedded systems without a true OS abstraction that we refer to as bare-metal embedded systems (BMES). They often do not have an OS or may include a light-weight OS-Library. An example is an Arduino system. In both cases, the application will directly access hardware and the OS (if present) and applications are statically linked into a single binary.
Challenges in Firmware Re-Hosting, Emulation, and Analysis
Type-I: General purpose OS-based devices. General purpose Operating Systems are often retrofitted to suit embedded systems. However, in comparison to the traditional desktop or server counterparts, embedded systems typically follow more minimalistic approaches. For example, the Linux OS kernel is widely used in the embedded world, where it is typically coupled with lightweight user space environments (e.g., busybox and uClibc).
Type-II: Embedded OS-based devices. In recent years, custom operating systems for embedded devices have gained popularity. These systems are particularly suitable for devices with low computational power, and while advanced processor features such as a Memory Management Unit (MMU) may not be present, a logical separation between kernel and application code is still present. Operating systems such as uClinux, ZephyrOS or VxWorks are examples for these systems and they are usually adopted on single-purpose user electronics, such as IP cameras or DVD players.
Type-III: Devices without an OS-Abstraction. These devices adopt a so called “monolithic firmware”, whose operation is typically based on a single control loop and interrupts triggered from the peripherals in order to handle events from the outer world.
What You Corrupt Is Not What You Crash: Challenges in Fuzzing Embedded Devices
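The three-way classification quoted above can be used as a first triage step before choosing an analysis tool. The sketch below is an added example, not code from the cited papers: the marker strings, the Cortex-M vector table heuristic, and the function names are assumptions, and the sample images are constructed.

```python
import struct

# Marker strings are assumptions for illustration, not a complete signature set.
TYPE2_MARKERS = (b"VxWorks", b"Booting Zephyr OS", b"uClinux")
TYPE1_MARKERS = (b"Linux version ", b"BusyBox v", b"uClibc")


def has_cortex_m_vector_table(image: bytes) -> bool:
    """Assumed heuristic for a raw ARM Cortex-M image: word 0 is an aligned
    initial stack pointer in SRAM (0x20000000-0x3FFFFFFF) and word 1 is a
    reset handler in the code region with the Thumb bit set."""
    if len(image) < 8:
        return False
    initial_sp, reset = struct.unpack_from("<II", image, 0)
    sp_ok = (initial_sp >> 29) == 1 and initial_sp % 4 == 0
    reset_ok = (reset >> 29) == 0 and reset & 1 == 1
    return sp_ok and reset_ok


def classify_firmware(image: bytes):
    """Return (guess, evidence). Type-2 markers are checked first because the
    quoted papers list uClinux as Type-2 although it embeds a Linux banner."""
    hits = [m.decode() for m in TYPE2_MARKERS if m in image]
    if hits:
        return "type-2", hits
    hits = [m.decode() for m in TYPE1_MARKERS if m in image]
    if hits:
        return "type-1", hits
    if has_cortex_m_vector_table(image):
        return "type-3", ["cortex-m vector table"]
    return "unknown", []


# Constructed sample images (not real firmware).
LINUX_IMG = b"\x00" * 64 + b"Linux version 4.4.0 (constructed)\x00BusyBox v1.30.1\x00"
UCLINUX_IMG = b"\x00" * 64 + b"Linux version 2.6.x-uClinux (constructed)\x00"
VXWORKS_IMG = b"\x00" * 64 + b"VxWorks (constructed banner)\x00"
BARE_IMG = struct.pack("<II", 0x20005000, 0x08000141) + b"\x00" * 56

if __name__ == "__main__":
    for name, img in [("linux", LINUX_IMG), ("uclinux", UCLINUX_IMG),
                      ("vxworks", VXWORKS_IMG), ("bare", BARE_IMG)]:
        print(name, classify_firmware(img))
```

A "type-1" guess suggests that Linux-oriented tools such as Firmadyne may apply; any result here is a hint to confirm by unpacking the image, not a verdict.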
References
What You Corrupt Is Not What You Crash: Challenges in Fuzzing Embedded Devices
SoK: Enabling Security Analyses of Embedded Systems via Rehosting