Final Exam Study Questions

Part of the homework for 22C:169, Spring 2006
by Douglas W. Jones
THE UNIVERSITY OF IOWA Department of Computer Science

These study questions are not going to appear on the final exam, however, these questions are intended to inspire thinking about subjects that will be on the exam.

  1. The Whatchamacalit Certified Security Device contains a microprocessor, RAM and flash EEPROM, as well as a compact flash slot on the side of it and various other bits and pieces. This machine executes firmware directly from the flash EEPROM, so when you power it up, it begins executing by fetching address zero from the flash memory.

    It uses flash memory for the firmware so that firmware upgrades can be done. Consider the following model for upgrades:

    The firmware pre-loaded in the machine at the time of manufacture includes logic to examine the compact flash card whenever it finds such a card being inserted in the compact flash socket. This card is expected to contain a standard DOS-format directory on it. If it finds such a directory, it searches this directory for a file named "upgrade-n". If such a file exists, it flash erases the contents of block n of the internal flash EEPROM and loads the contents of that file into that block of flash EEPROM.

    a) You are concerned about the integrity of the system. You think someone may have had an opportunity to insert an unknown compact flash card into the machine, and as a result, unknown software may have been loaded. Short of physical disassembly, Can you possibly prove to yourself that the contents of the flash EEPROM are OK or can you possibly force the system into a known state that is provably free of unknown code?

    b) How should the system be modified to prevent uncertified code from being inserted?

    c) A technical question that would be more in the spirit of an assembly language course than a security course: How do you go about replacing the block of flash EEPROM containing the loader? Also, how do you get the initial contents of the flash EEPROM into place in order to allow loading new versions?

  2. Expect a question about capability-based protection mechanisms. We discussed this in two contexts, Amoeba and Chapter 4, so an obvious way to study this issue is to contrast the use of capabilities in Amoeba with the use of capabilitity-based addressing of main memory.

  3. Look at the midterm exam. Some of the questions there were hard enough that few got the answer. The final won't come back to these issues, but it will ask questions related to at least some of the questions that caused trouble on the midterm.
There will be other questions! That is to say, some of the questions on the final exam will not be based on these study questions. Anticipate the unexpected. If we discussed it in class, it is fair game.

The exam will be open-notes, open-book