Mission-critical embedded devices operate under strict real-time constraints, which makes traditional updates or reboots unsuitable. While runtime fixes (i.e., hotpatching) reduce downtime, they pose challenges for resource management and real-time performance. Previous work has focused mainly on hotpatching devices that execute their firmware from flash, neglecting those that use code-shadowing to execute firmware from RAM. These approaches also neglect secure end-to-end hotpatch deployment during runtime, putting vulnerable devices at risk.