Google says it’s working with ecosystem partners to harden the security of firmware that interacts with Android.
The Android operating system runs on what is called an application processor (AP), which is one of many processors in the system-on-chip (SoC) for various tasks such as cellular communications and multimedia processing. I’m sorry.
“Securing the Android platform requires going beyond the application processor,” said the Android team. Android’s defense-in-depth strategy also applies to the firmware running in the bare metal environment of these microcontrollers. This is because it is a significant part of the device’s attack surface. “
The company’s goal is to harden the security of software running on these secondary processors (i.e. firmware) so that vulnerabilities can be exploited over the air to execute remote code within Wi-Fi SoCs or cellular basebands. to make it difficult.
To that end, Google said it researched and enabled compiler-based sanitizers and enabled memory safety features in the firmware for exploit mitigation.
Given the resource constraints associated with bare metal targets, the idea is to “enhance the most exposed attack surface while minimizing performance/stability impact”.
Another important area is writing firmware code using a memory-safe programming language like Rust in an ongoing effort to increase its adoption across platforms.
“Hardening the firmware that runs on bare metal to significantly improve the level of protection on more Android surfaces is one of our Android security priorities,” said Google.
