Join us for an evening of fun at this month’s hack::soho taking place 24 April, 6pm – 9pm GMT, set up to be a loose networking environment where cyber security professionals can chat, get some complimentary food & drink, and discuss rising global trends.
This month’s hack::soho will feature a talk from IOActive’s Senior Director of Operating Systems Security, Ilja van Sprundel. The abstract of the talk, ‘Assessing the security of ThreadX, a modern RTOS,’ is below!
hack::soho is a monthly event hosted at our London, UK office for the cybersecurity and hacking community to discuss all things security over food and refreshments. We welcome you to invite others in your circle to extend our collective network.
We hope you can join us,
IOActive team
ABSTRACT
In this talk, we will explore the security landscape of ThreadX, a modern Real-Time Operating System (RTOS) widely utilized in critical embedded systems across industries such as automotive, medical, and consumer electronics. As the backbone of these embedded devices, the security of ThreadX is paramount, yet it remains under-scrutinized.
We will begin by introducing ThreadX, discussing its architecture, and examining its common use cases. The presentation will then delve into a detailed mapping of potential security entry points, including remote entry points such as the network stack, TLS, and network services, as well as local/physical entry points like the filesystem and USB interfaces.
In our discussion of findings, we will present several vulnerabilities, including instances of memory corruption in the TCP/IP stack and an information leak in the TLS stack. These findings will be analyzed to highlight the broader implications for system security.
We will conclude with observations drawn from our research, offer conclusions on the current security posture of ThreadX, and propose a call to action for further scrutiny and hardening of RTOS systems in critical applications.