Security evaluation of microcontrollers: a case study in smart watches
Smart watches contain sensitive information like application software, user health and fitness data. Some of these data are often stored in embedded flash memory in microcontrollers. Here we explore two flash memory reading techniques to evaluate data security in smart watches against hardware attac...
Saved in:
| Main Authors: | , , , , |
|---|---|
| Other Authors: | |
| Format: | Conference or Workshop Item |
| Language: | English |
| Published: |
2024
|
| Subjects: | |
| Online Access: | https://hdl.handle.net/10356/173697 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Nanyang Technological University |
| Language: | English |
| Summary: | Smart watches contain sensitive information like application software, user health and fitness data. Some of these data are often stored in embedded flash memory in microcontrollers. Here we explore two flash memory reading techniques to evaluate data security in smart watches against hardware attacks. One technique is the common approach of logical data acquisition, which is non-invasive and access the data through debug interface. It dumps the whole flash memory content based on its logical address. The other technique is a new selective staining approach. It extracts data directly from memory cells and requires invasive sample preparation. It extracts all binary bits in the flash memory based on its physical address. These two techniques are complementary to one another and ensure the accuracy of extracted memory content. The nature of data in the flash memory was confirmed by comparing the data between a new and a used watch. Majority of the flash memory was used for application software, with a small region found reserved to store the last shutdown information of the watch. |
|---|