Security intelligence researchers Ta-Lun Yen (TXOne Networks) and Federico Maggi (Trend Micro FTR) will present their talk The Data Distribution Service (DDS) Protocol is Critical: Let’s Use it Securely! at this year’s Black Hat Europe 2021 cybersecurity expo. This research, which was also worked on by Erik Boasson (ADLINK Technology), Victor Mayoral-Vilches (Alias Robotics), Mars Cheng (TXOne Networks), Patrick Kuo (TXOne Networks), and Chizuru Toyama (TXOne Networks) in addition to Ta-Lun and Federico, shares vulnerabilities that were discovered and disclosed in most implementations of the OMG Data Distribution Service (DDS). Technologies such as autonomous driving, healthcare machinery, military tactical systems, and missile launch stations all make use of DDS, and it’s also used by NASA, SIEMENS, Volkswagen, Bosch, and NAV CANADA.
DDS is designed around industrial-level requirements to allow transparent communication between an arbitrary number of endpoints, with an abstract API that relies on familiar data specifications and simple function calls regardless of the complexity of the data. In this talk, Ta-Lun and Federico will give a bottom-up view of DDS and its packet structure. Vulnerabilities exposed by their research include an amplification vulnerability that allows attackers to redirect flood an arbitrary host as well as a parsing vulnerability that allows an attacker to use a malicious configuration file to gain initial access.
This talk takes listeners from knowing nothing about DDS to efficiently researching new vulnerabilities, as well as revealing some of DDS’ fundamental weaknesses.