Security News > 2020 > August > Researchers aim to improve code patching in embedded systems
Three Purdue University researchers and their teammates at the University of California, Santa Barbara and Swiss Federal Institute of Technology Lausanne have received a DARPA grant to fund research that will improve the process of patching code in vulnerable embedded systems.
"Many embedded systems, like computer systems running in trucks, airplanes and medical devices, run old code for which the source code and the original compilation toolchain are unavailable," Antonio Bianchi, assistant professor of computer science at Purdue University said.
"Many old software components running in these systems are known to contain vulnerabilities; however, patching them to fix these vulnerabilities is not always possible or easy."
Without source code, patching a vulnerability necessitates editing the binary code directly, Bianchi said.
Because of these difficulties, he said, the code running in embedded systems is often left unpatched, even when it is known to be vulnerable.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/-MlvgdIuYgY/