2.1 Verify Memory Protection Mechanisms

2.1 – Verify Memory Protection Mechanisms

Requirement Description

Verify that memory protection mechanisms, specifically ASLR (Address Space Layout Randomization) and DEP (Data Execution Prevention), are supported and enabled by the embedded/IoT operating system used in the DUT, if applicable. These controls help mitigate memory corruption attacks such as buffer overflows and code injection.

DUT Confirmation Details

  • OEM Statement: (Insert vendor confirmation of ASLR/DEP support and enablement status.)

  • Observed State: (Insert findings after testing and validation.)

DUT Software Details

  • Operating System/Kernel Version: ___________________

  • Build Date: ___________________

  • Firmware/Software Version: ___________________

Hash Checksum Verification for DUT’s Software Image

  • Algorithm Used: SHA-256 (or equivalent)

  • Expected Hash: ___________________

  • Calculated Hash: ___________________

  • Result: Pass / Fail

DUT Configuration

(Insert configuration commands, outputs, or settings used to confirm ASLR and DEP enablement.) Example:

cat /proc/sys/kernel/randomize_va_space
dmesg | grep -i NX
grep -i execstack /proc/*/maps

Pre-Conditions

The vendor shall provide:

  • A signed declaration of memory protection mechanisms (ASLR, DEP, etc.) available on the device and their current status (enabled/disabled).

Test Plan

Total Number of Test Cases: 1

Planned Test Case:

  • BIS-2.1.1 – Verification of ASLR and DEP enablement through system inspection and behavior testing.

Test-bed Diagram with Interfaces and IPs

(Attach diagram showing DUT, terminal/console interface, debugger (if used), and any supporting tools used to verify memory protection features.)

Previous2.Software/FirmwareNextTest 1

Last updated

Was this helpful?