Implementing Embedded Security on Dual-Virtual-CPU Systems
November-December 2007 (vol. 24 no. 6)
pp. 582-591
Security requirements for embedded systems such as consumer devices are becoming stronger. Current designs need an isolated environment that stores and processes sensitive data. New hardware technologies are arriving that provide low-cost, high-performance, isolated environments. Standard open APIs are providing a route to interoperability, defragmentation, and reduced software development costs. Securely, flexibly, and efficiently taking advantage of these standards is a complex software design problem. This article is an introduction to one such hardware technology, and a case study of the design of a programmable security software framework. The discussion will be of interest to all types of system designers, from SoC to software, because security must be designed into the system from the outset.
Index Terms:
embedded security, TrustZone technology, programmable, security software framework
Citation:
Peter Wilson, Alexandre Frey, Tom Mihm, Danny Kershaw, Tiago Alves, "Implementing Embedded Security on Dual-Virtual-CPU Systems," IEEE Design and Test of Computers, vol. 24, no. 6, pp. 582-591, Nov. 2007, doi:10.1109/MDT.2007.196