Test 1

Test Case ID: BIS-2.1.1 Test Name: TC_VERIFY_MEMORY_PROTECTION_MECHANISMS

Objective

To verify, in the presence of the OEM team, that memory protection controls such as ASLR (Address Space Layout Randomization) and DEP (Data Execution Prevention) are supported and enabled in the DUT's operating system. Verification is conducted using system-level commands and available diagnostic tools.

Tools Used

  • Native Linux/embedded OS command-line tools

  • dmesg, /proc/, and sysctl interface

  • Open-source security validation tools (e.g., execstack, paxctl, readelf)

  • (Optional) Microsoft EMET or similar tools for Windows-based embedded platforms

Test Execution Steps

  1. OEM Session Initiation

    • Conduct testing in the presence of the OEM team to validate observations and gather feedback on vendor-claimed memory protection features.

  2. ASLR Verification

    • Execute:

      cat /proc/sys/kernel/randomize_va_space

      • Expected value: 2 (Full randomization enabled)

    • Review /proc/[pid]/maps for randomized memory addresses of running processes.

  3. DEP Verification

    • Use tools such as dmesg, execstack, or review kernel boot parameters for non-executable stack/heap settings. Example:

      dmesg | grep NX
execstack -q /usr/bin/<binary>

  4. Result Documentation

    • Capture command outputs and OEM confirmation.

    • Log responses indicating ASLR and DEP are actively enforced.

Expected Results for Pass

  • ASLR: Confirmed enabled via randomize_va_space = 2, and randomized process memory maps.

  • DEP: System prevents code execution in non-executable memory regions; NX (No-eXecute) bit is active or equivalent protection is in place.

  • Documentation and logs confirm both mechanisms are correctly implemented and functional.

Test Observations

(Insert findings here — e.g., "randomize_va_space returned 2; NX protection enabled per dmesg; no executable stacks detected in process binaries.")

Evidence Provided

  • Command output screenshots/logs

  • Kernel message excerpts (dmesg)

  • /proc memory map samples

  • OEM-signed verification record

Test Case Result

Pass – ASLR and DEP confirmed enabled and functional ☐ Fail – One or both protections disabled or non-functional

Overall Test Result

(Summarize final result — e.g., "Memory protection features verified successfully; DUT complies with requirement.")

Previous2.1 Verify Memory Protection MechanismsNext2.2 Test Firmware Data-in-Transit Security

Last updated

Was this helpful?