2. REALTEK 瑞昱半導體
全球前十大 IC 設計公司
網路通訊 IC – ethernet / wifi
PC 周邊, 多媒體 Audio – AC97 , video – ISP/H.264
TV
3. WHAT IS IOT
The internet working of physical devices, vehicles (also referred to as
"connected devices" and "smart devices"), buildings and other items—
embedded with electronics, software, sensors, actuators, and network
connectivity that enable these objects to collect and exchange data.
• Ref: wiki IoT
4. 君の名は
90’s : Internet
SUN - JAVA (Oak) 智慧家電
1995 - 比爾蓋茲 - 未來之路
Motorola 銥計畫 - 50億美元 / 66顆衛星
IoE ( Internet of Everything ) - Cisco / Qualcomm
M2M : machine to machine
Web of Things
===> SkyNet?
29. WEB ATTACK
1. https port 443 掃端口
2. XOR-based firmware encryption 反
組譯
3. found buffer overflow vulnerability in
the CGI script 找漏洞
4. sending a very long session cookie to
the script
5. full control over the device
Ref:
http://126kr.com/article/8fer1xbx1m
9
30. IOT CLIENT ATTACK
Program
Buffer overflow
random number - TRNG
System
unnecessary open ports
firmware rollback / firmware update
Device Attack
物理接觸 : e.g. flash, steal code
DOS/DDOS/wifi jammer/… : 功能癱瘓
50. ARM V8M SAU
除了原本 MPU 外, 新增 SAU 來幫忙
做權限管理
memory 先透過 SAU 劃分成 secure
/ no-secure
IRQ 也分為 secure / non-secure
Non-Secure
MPU
Secure
MPU
Security
Attribution
Unit (SAU)
System
Level
Control
Request from CPU
Request to System