Embedded Device Vulnerability Repair Based on Hot Patches

preprint OA: closed
View at publisher

Abstract

Industrial control systems may be affected by vulnerabilities, leading to a series of security issues. However, existing vulnerability remediation methods mainly include static patching and dynamic patching, but due to the hardware resource constraints and complex application environments faced by embedded devices, these traditional methods all suffer from the limitations of high risk of service interruption and high resource overhead, which make it difficult to satisfy the special needs of embedded devices in terms of security and continuity assurance. For this reason, this paper proposes a hot-patch-based vulnerability repair method for embedded devices. The method utilizes hardware built-in functions to perform vulnerability repair during system runtime, effectively reducing system downtime and optimizing resource consumption during the repair process. Specifically, the repair method proposed in this paper contains four steps: vulnerability identification, vulnerability localization, patch preparation and patch switching. By using the onboard debugging unit to replace instructions at runtime, thus avoiding device downtime and system reboot, the system continuity of the embedded device is guaranteed.The experimental results show that this method achieves efficient and secure vulnerability repair while meeting the real-time and resource constraints of embedded devices, providing an innovative and effective way to improve the security and reliability of embedded devices.

My notes (saved in your browser only)

Citation neighborhood (no data yet)

We don't have any in-corpus citations linked to this paper yet. This is a recent paper (2025) — citers typically take a year or two to land, and the OpenAlex reference graph may still be filling in.

Source provenance

europepmc
last seen: 2026-05-20T01:45:00.602351+00:00