Don Bailey (Security Consultant, iSEC Partners)

Presentation Title: Micro Control
Presentation Abstract

With the growing popularity of hardware hacking, researchers are becoming more aware of the presence of microcontrollers in modern environments. Microcontrollers have been designed and deployed to control everything from environmental variables in homes and hotels to Trusted Platform Modules, game console components, safety applications in automobiles, and Zigbee wireless meshes.

While elegant research, such as Travis Goodspeed’s GoodFET and glitching research, has proven microcontrollers vulnerable to direct physical threats, the heart of the microcontroller is still a processor whose execution environment is vulnerable to some of the same threats as other processors. These threats include buffer overflows, return-oriented programming, and in some cases even heap corruption.

Threats such as these are often augmented by the fact that microcontroller software runs in essentially a single ring of protection, meaning that any spurious alteration to the execution environment potentially gives the attacker control of the entire microcontroller and its peripherals.

The objective of this lecture is to discuss threat modeling the Atmel MCU and to elaborate on attacks both potential and practical against software running on its core. Demonstrations will be provided and sample exploits, including sample payloads, will also be given to demonstrate how attacks can be made feasible by a determined researcher.

About Don Bailey

Don A. Bailey is a Security Consultant with iSEC Partners, Inc. With over six years in the field, Don has discovered many unknown security vulnerabilities in well-used software, analyzed new and proprietary protocols for design and implementation flaws, and helped design and integrate security solutions for up-and-coming internet software.

While Don’s primary expertise is in developing exploit technology, he is also well versed in reverse engineering, fuzzing, enterprise programming, binary analysis, root-kit detection and design, and network penetration testing. In addition, Don has helped develop and enhance risk management programs for several Fortune 500 companies in recent years and has been invited to speak about risk management from a CISO perspective at government-organized conferences.

Don has presented research at several international security conferences since 2005, including stealth root-kit design, zero-day exploit technology, and DECT security. He most recently spoke at Black Hat Las Vegas 2010 and SOURCE Boston 2010 regarding vulnerabilities in the global telephone network and the GSM protocol.