Internet of Things (IoT) devices have been increasingly integrated into our daily life. However, such smart devices suffer a broad attack surface. Particularly, attacks targeting the device software at runtime are challenging to defend against if IoT devices use resource-constrained microcontrollers (MCUs). TrustZone-M, a TrustZone extension for MCUs, is an emerging security technique fortifying MCU based IoT devices. This paper presents the first security analysis of potential software security issues in TrustZone-M enabled MCUs. We explore the stack-based buffer overflow (BOF) attack for code injection, return-oriented programming (ROP) attack, heap-based BOF attack, format string attack, and attacks against Non-secure Callable (NSC) functions in the context of TrustZone-M. We validate these attacks using the TrustZone-M enabled SAM L11 MCU. Strategies to mitigate these software attacks are also discussed.

中文翻译：

---

基于 TrustZone-M 的物联网设备运行时软件安全

物联网 (IoT) 设备已越来越多地融入我们的日常生活。然而，此类智能设备遭受广泛的攻击面。特别是，如果物联网设备使用资源受限的微控制器 (MCU)，则在运行时针对设备软件的攻击很难防御。TrustZone-M 是 MCU 的 TrustZone 扩展，是一种新兴的安全技术，可强化基于 MCU 的物联网设备。本文首次对启用 TrustZone-M 的 MCU 中的潜在软件安全问题进行了安全分析。我们探讨了针对代码注入的基于堆栈的缓冲区溢出 (BOF) 攻击、面向返回的编程 (ROP) 攻击、基于堆的 BOF 攻击、格式字符串攻击以及针对非安全可调用 (NSC) 函数的攻击。 TrustZone-M。我们使用支持 TrustZone-M 的 SAM L11 MCU 验证这些攻击。