Implementing Embedded Security on Dual-Virtual-CPU Systems

Peter Wilson; Danny Kershaw; Tiago Alves; Alexandre Frey; Tom Mihm

doi:10.1109/MDT.2007.196

Design&Test
2007
Issue No. 6 - November-December
Abstract - Implementing Embedded Security on Dual-Virtual-CPU Systems

	This Article
	Subscribers, please Login Purchase article: $19 PDF HTML IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/EndNote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Peter Wilson Articles by Alexandre Frey Articles by Tom Mihm Articles by Danny Kershaw Articles by Tiago Alves

Implementing Embedded Security on Dual-Virtual-CPU Systems

November-December 2007 (vol. 24 no. 6)

pp. 582-591

	ASCII Text	x
	Peter Wilson, Alexandre Frey, Tom Mihm, Danny Kershaw, Tiago Alves, "Implementing Embedded Security on Dual-Virtual-CPU Systems," IEEE Design & Test of Computers, vol. 24, no. 6, pp. 582-591, November-December, 2007.

	BibTex	x
	@article{ 10.1109/MDT.2007.196, author = {Peter Wilson and Alexandre Frey and Tom Mihm and Danny Kershaw and Tiago Alves}, title = {Implementing Embedded Security on Dual-Virtual-CPU Systems}, journal ={IEEE Design & Test of Computers}, volume = {24}, number = {6}, issn = {0740-7475}, year = {2007}, pages = {582-591}, doi = {http://doi.ieeecomputersociety.org/10.1109/MDT.2007.196}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - MGZN JO - IEEE Design & Test of Computers TI - Implementing Embedded Security on Dual-Virtual-CPU Systems IS - 6 SN - 0740-7475 SP582 EP591 EPD - 582-591 A1 - Peter Wilson, A1 - Alexandre Frey, A1 - Tom Mihm, A1 - Danny Kershaw, A1 - Tiago Alves, PY - 2007 KW - embedded security KW - TrustZone technology KW - programmable KW - security software framework VL - 24 JA - IEEE Design & Test of Computers ER -

Peter Wilson, ARM

Alexandre Frey, Trusted Logic

Tom Mihm, Motorola

Danny Kershaw, ARM

Tiago Alves, ARM

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MDT.2007.196

Security requirements for embedded systems such as consumer devices are becoming stronger. Current designs need an isolated environment that stores and processes sensitive data. New hardware technologies are arriving that provide low-cost, high-performance, isolated environments. Standard open APIs are providing a route to interoperability, defragmentation. and reduced software development costs. Securely, flexibly, and efficiently taking advantage of these standards is a complex software design problem. This article is an introduction to one such hardware technology, and a case study of the design of a programmable security software framework. The discussion will be of interest to all types of system designers, from SoC to software, because security must be designed into the system from the outset.

1. ARM Architecture Reference Manual, ARMv7-A and ARMv7-R ed., ARM DDI 0406 A, ARM, http://infocenter.arm.com/helpindex.jsp.
2. R.B. Lee et al., "Architecture for Protecting Critical Secrets in Microprocessors," Proc. 32nd Int'l Symp. Computer Architecture (ISCA 05), IEEE CS Press, 2005, pp. 2-13.
3. B. Schneier, Secrets and Lies: Digital Security in a Networked World, John Wiley &Sons, 2000.
4. G.E. Suh, "AEGIS: A Single-Chip Secure Processor," master's thesis Dept. of Electrical Eng. and Computer Science, Massachusetts Inst. of Technology, 2005, http://csg.csail.mit.edu/pubs/memos/Memo-489 memo-489.pdf.
5. D. Lie et al., "Architectural Support for Copy and Tamper Resistant Software," Proc. 9th Int'l Conf. Architectural Support for Programming Languages and Operating Systems, ACM Press, 2000, pp. 168-177.
6. R.B. Lee et al., "Collaborative Research: SecureCore for Trustworthy Commodity Computing and Communications," SecureCore Project, proposal no. NSF-0430487 Princeton Univ., 2006-2007, http://palms.ee.princeton.edusecurecore.
7. TrustZone API Specification, PRD29-USGC-000089, v2.0, ARM, June 2006, http://www.arm.com/products/esdtrustzone_apidownload.html .
8. GlobalPlatform GPD/STIP 2.2 Specification, v2.2, GlobalPlatform, Feb. 2005, http://www.globalplatform.orgshowpage.asp?code&=gdpstip .
9. G. Barthe and G. Dufay, "Formal Methods for Smartcard Security," Proc. Foundations of Security Analysis and Design III (FOSAD 05), LNCS 3655, Springer, 2005, pp. 133-177.
10. PKCS #11: Cryptographic Token Interface Standard, v2.20, RSA, 28 June 2004, http://www.rsa.com/rsalabsnode.asp?id&=2133 .

Index Terms:

embedded security, TrustZone technology, programmable, security software framework

Citation:

Peter Wilson, Alexandre Frey, Tom Mihm, Danny Kershaw, Tiago Alves, "Implementing Embedded Security on Dual-Virtual-CPU Systems," IEEE Design & Test of Computers, vol. 24, no. 6, pp. 582-591, Nov.-Dec. 2007, doi:10.1109/MDT.2007.196

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.