The rapid development of the Internet of Things (IoT) has enabled novel user-centred applications, including many in safety-critical areas such as healthcare, smart environment security, and emergency response systems. The diversity in IoT manufacturers, standards, and devices creates a combinatorial explosion of such deployment scenarios, leading to increased security and safety threats due to the difficulty of managing such heterogeneity. In almost every IoT deployment, wireless gateways are crucial for interconnecting IoT devices and providing services, yet they are vulnerable to external threats and serve as key entry points for large-scale IoT attacks. Memory-based vulnerabilities are among the most serious threats in software, with no universal solution yet available. Legacy memory protection mechanisms, such as canaries, RELRO, NX, and Fortify, have enhanced memory safety but remain insufficient for comprehensive protection. Emerging technologies like ARM-MTE, CHERI, and Rust are based on more universal and robust Secure-by-Design (SbD) memory safety principles, yet each entails different trade-offs in hardware or code modifications. Given the challenges of balancing security levels with associated overheads in IoT systems, this paper explores the impact of memory safety on the IoT domain through an empirical large-scale analysis of memory-related vulnerabilities in modern wireless gateways. Our results show that memory vulnerabilities constitute the majority of IoT gateway threats, underscoring the necessity for SbD solutions, with the choice of memory-protection technology depending on specific use cases and associated overheads.

翻译：物联网（IoT）的快速发展催生了以用户为中心的新型应用，其中许多涉及医疗保健、智能环境安全及应急响应系统等安全关键领域。物联网制造商、标准与设备的多样性导致部署场景的组合爆炸式增长，由于管理此类异构性存在困难，安全威胁也随之加剧。在几乎所有物联网部署中，无线网关对互联物联网设备及提供服务至关重要，但其易受外部威胁，并成为大规模物联网攻击的关键入口点。基于内存的漏洞是软件领域最严重的威胁之一，目前尚无通用解决方案。传统内存保护机制（如栈保护金丝雀、只读重定位、不可执行内存保护及源码强化）虽提升了内存安全性，仍无法实现全面防护。ARM内存标记扩展、CHERI架构及Rust语言等新兴技术基于更具普适性和鲁棒性的"设计即安全"内存保护原则，但各自在硬件或代码修改方面存在不同权衡。鉴于物联网系统需在安全等级与相关开销间取得平衡的挑战，本文通过对现代无线网关中内存相关漏洞的大规模实证分析，探讨内存安全性对物联网领域的影响。研究结果表明，内存漏洞构成了物联网网关威胁的主体，凸显了采用"设计即安全"解决方案的必要性，而具体内存保护技术的选择需根据实际应用场景及相关开销进行权衡。