Bluetooth Low Energy (BLE) is a wireless communication protocol based on the Bluetooth standard, specifically developed to enable short-range data exchange between low-power, resource-constrained embedded devices. Attacks that exploit packet-based vulnerabilities in the BLE protocol stack are common. Rapidly patching these vulnerabilities faces two primary challenges. First, the standard firmware update process typically necessitates taking devices offline, resulting in service interruptions that may disrupt critical operations. Second, real-time operating system vendors must develop and maintain separate patches for each device architecture, significantly increasing both development time and engineering workload. This paper presents BluePLP, a lightweight live patching framework designed for BLE devices. BluePLP leverages the system’s built-in exception handling mechanisms to redirect execution from vulnerable code to corresponding patch code, enabling vulnerability mitigation without requiring device downtime. In addition, it utilizes hardware breakpoints to support live patching across multiple processor architectures. We evaluated BluePLP on three BLE devices based on Cortex M3, Cortex M4, and Xtensa LX7 cores. The framework successfully remediated 25 vulnerabilities in BLE protocol stacks and was deployed in a commercial heart rate monitor. Experimental results show that BluePLP can apply patches in as little as two microseconds, providing rapid, architecture-independent runtime protection.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

BluePLP: Dynamic Vulnerability Patching for Heterogeneous BLE Devices

  • Xupu Hu,
  • Zhongfeng Jin,
  • Tongjie Wei,
  • Peng Zhang,
  • Chonghua Wang,
  • Ming Zhou

摘要

Bluetooth Low Energy (BLE) is a wireless communication protocol based on the Bluetooth standard, specifically developed to enable short-range data exchange between low-power, resource-constrained embedded devices. Attacks that exploit packet-based vulnerabilities in the BLE protocol stack are common. Rapidly patching these vulnerabilities faces two primary challenges. First, the standard firmware update process typically necessitates taking devices offline, resulting in service interruptions that may disrupt critical operations. Second, real-time operating system vendors must develop and maintain separate patches for each device architecture, significantly increasing both development time and engineering workload. This paper presents BluePLP, a lightweight live patching framework designed for BLE devices. BluePLP leverages the system’s built-in exception handling mechanisms to redirect execution from vulnerable code to corresponding patch code, enabling vulnerability mitigation without requiring device downtime. In addition, it utilizes hardware breakpoints to support live patching across multiple processor architectures. We evaluated BluePLP on three BLE devices based on Cortex M3, Cortex M4, and Xtensa LX7 cores. The framework successfully remediated 25 vulnerabilities in BLE protocol stacks and was deployed in a commercial heart rate monitor. Experimental results show that BluePLP can apply patches in as little as two microseconds, providing rapid, architecture-independent runtime protection.