Approved for public release, distribution is unlimited / A dynamic subversion attack on the Windows XP Embedded operating system is demonstrated to raise awareness in developers and consumers of the risk of subversion in commercial operating systems that may be safety critical. SCADA (Supervisory Control and Data Acquisition) systems that monitor and control our critical infrastructure depend on embedded systems. The attack can be loaded onto a fielded system that has been subverted with a small software artifice. The artifice could be inserted into the system at any time in the system's lifecycle. The attack provides a flexible method for the attacker, who may not be the same individual who inserted the artifice, to gain total control of the subverted system. Due to the dynamic loading property of this subversion, the attacker does not have to decide the aspect of the system to be targeted until a time of her choice. The attack does not exploit an existing flaw in the target module but is possible because the initial artifice is inserted into the kernel of an operating system where adversaries have access to source code. This thesis discusses certain aspects of known methods for developing systems free from subversion. Several projects that utilized these methods are presented. / Civilian, Naval Postgraduate School
Identifer | oai:union.ndltd.org:nps.edu/oai:calhoun.nps.edu:10945/944 |
Date | 06 1900 |
Creators | Murray, Jessica L. |
Contributors | Irvine, Cynthia E., Schell, Roger B., Naval Postgraduate School (U.S.), Department of Computer Science |
Publisher | Monterey, California. Naval Postgraduate School |
Source Sets | Naval Postgraduate School |
Detected Language | English |
Type | Thesis |
Format | xviii, 94 p. : ill. (some col.), application/pdf |
Rights | This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. As such, it is in the public domain, and under the provisions of Title 17, United States Code, Section 105, may not be copyrighted. |
Page generated in 0.0019 seconds