RunSafe Security has released a version of its Alkemist security software that supports Yocto-based projects. Alkemist’s Load-time Function Randomization re-stacks memory functions to make it harder for attackers to find a target.

RunSafe Security announced new support for Yocto Project in its Alkemist security software. Developers can now use Alkemist to “immunize” their embedded Linux stacks by adding a layer into Yocto build environments “without changing a line of code or slowing down product releases,” says RunSafe.

Alkemist conceptual diagram
(click image to enlarge)

In typical Yocto based projects, images running on each system are identical. This enables a single vulnerability to expose thousands of systems and allows attackers to easily scale their attacks, says RunSafe. Alkemist can mitigate this scenario with a patented technique called Load-time Function Randomization (LFR).

Before a process begins executing and every time it executes, LFR re-stacks functions in memory to create greater memory diversity. By performing randomization at runtime instead of build-time, Alkemist preserves Yocto’s binary reproducibility capability “while dramatically increasing security against memory-based attacks,” says the company.

Alkemist is a “cyberhardening” tool that uses remotely deployable binary runtime application self-protection (RASP) and Moving Target Defense (MTD) methods to immunize organizations from memory corruption exploits. Specific features include Alkemist BBR (Block-level Binary Randomization) and Alkemist SFR (Stack Frame Randomization), which are applied at the binary development stage.

Alkemist also provides Alkemist ESP (Enterprise Software Protection) packages, which are open source infrastructure components that have been immunized using Alkemist LFR transformations. Alkemist ESP delivers pre-hardened and tested Docker-based images of popular open source software.

 
Further information

The Yocto-ready version of Alkemist appears to be available now at an undisclosed price. More information may be found in RunSafe Security’s announcement and Yocto/Alkemist integration page, which links to a sign-up form for a June 17 webinar. You can also check out the Alkemist product page.