Memory Protection Unit: Is It Secure Enough? – PlaxidityX Ep 15

Cars, Hackers & Cyber Security

Content provided by PlaxidityX. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by PlaxidityX or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://podcastplayer.com/legal.

11M ago 30:07

MP3•Episode home

Archived series ("Inactive feed" status)

When? This feed was archived on November 03, 2025 11:17 (2M ago). Last successful fetch was on September 19, 2025 14:20 (3M ago)

Why? Inactive feed status. Our servers were unable to retrieve a valid podcast feed for a sustained period.

What now? You might be able to find a more up-to-date version using the search function. This series will no longer be checked for updates. If you believe this to be in error, please check if the publisher's feed link below is valid and contact support to request the feed be restored or if you have any other concerns about this.

Have you ever wondered how microcontrollers in vehicles manage memory access behind the scenes? This episode sheds light on the Memory Protection Unit, an essential yet sometimes overlooked hardware layer designed to stop unauthorized reads, writes, and execution. We revisit fundamental principles—like differentiating between the Core MPU (CMPU) and the System MPU (SMPU)—and explain how each can become a target for cyber attackers.

Through detailed automotive cyber security case studies involving two newly discovered vulnerabilities, we reveal how a privileged attacker might disable the SMPU entirely. When that happens, carefully drawn security boundaries collapse, exposing critical sections of code and data. The conversation further explores how incomplete hardware locking mechanisms can nullify protective features, leaving devices open to unexpected exploits.

Despite these alarming scenarios, there are proven strategies for mitigating threats. We discuss testing every crucial claim in the datasheet, adopting multiple layers of security, and monitoring vendor errata to stay informed about updated countermeasures. This episode will challenge listeners to question assumptions and take a closer look at an automotive security architecture often assumed to be rock-solid.

Chapters:
(00:00) Introduction to Automotive Memory Protection Units
(01:43) From MMUs to MPUs
(03:08) The MPU: A Modern Day Cyber Sentinel
(05:18) Protection Units in the Automotive Domain
(08:09) Types of MPUs
(08:21) Core MPU (CMPU)
(09:01) System MPU (SMPU)
(09:54) Peripheral Protection Unit (PPU)
(11:54) Some background: The PowerPC architecture
(13:23) The MPU Vulnerabilities
(14:48) The Core MPU and its Limitations
(17:06) The System MPU (SMPU)
(19:38) Configuring the SMPU
(21:50) The SMPU Vulnerability
(23:10) Disclosure to STMicroelectronics
(25:55) Disclosure to NXP
(28:05) MPU Mitigations
(28:55) Concluding remarks
(29:48) Outro on the MPU PlaxidityX Case Study

26 episodes

#Tech #Business #PlaxidityX #Automotive Cyber Security #Automotive Cyber Security Companies #Automotive Cybersecurity Solution #Automotive Network Security #Automotive Security Solutions #Car Cyber Security #Vehicle Cyber Security #Aspice Cyber Security #Sdv Cyber Security #Autosar Cyber Security #Automotive Cyber Security Testing #Automotive Penetration Testing #Connected Car Security