The Community for Technology Leaders
RSS Icon
Issue No.06 - June (2010 vol.59)
pp: 847-854
Shufu Mao , University of Massachusetts Amherst, Amherst
Tilman Wolf , University of Massachusetts Amherst, Amherst
The inherent limitations of embedded systems make them particularly vulnerable to attacks. We have developed a hardware monitor that operates in parallel to an embedded processor and detects any attack that causes the embedded processor to deviate from its originally programmed behavior. We explore several different characteristics that can be used for monitoring and quantify trade-offs between these approaches. Our results show that our proposed hash-based monitoring pattern can detect attacks within one instruction cycle at lower memory requirements than traditional approaches that use control flow information.
Embedded system security, processing monitor, security enforcement.
Shufu Mao, Tilman Wolf, "Hardware Support for Secure Processing in Embedded Systems", IEEE Transactions on Computers, vol.59, no. 6, pp. 847-854, June 2010, doi:10.1109/TC.2010.32
[1] S. Ravi, A. Raghunathan, and S. Chakradhar, "Tamper Resistance Mechanisms for Secure, Embedded Systems," Proc. 17th Int'l Conf. Very Large Scale Integration Design (VLSI Design '04), pp. 605-611, Jan. 2004.
[2] A. Wood and J.A. Stankovic, "Denial of Service in Sensor Networks," Computer, vol. 35, no. 10, pp. 54-62, Oct. 2002.
[3] P. Kocher, J. Jaffe, and B. Jun, "Differential Power Analysis," Proc. 19th Ann. Int'l Cryptology Conf. Advances in Cryptology (CRYPTO '99), pp. 388-397, 1999.
[4] S. Chari, C.S. Jutla, J.R. Rao, and P. Rohatgi, "Towards Sound Approaches to Counteract Power-Analysis Attacks," Proc. 19th Ann. Int'l Cryptology Conf. Advances in Cryptology (CRYPTO '99), pp. 398-412, 1999.
[5] G. Gogniat, T. Wolf, W. Burleson, J.-P. Diguet, L. Bossuet, and R. Vaslin, "Reconfigurable Hardware for High-Security/High-Performance Embedded Systems: The SAFES Perspective," IEEE Trans. Very Large Scale Integration (VLSI) Systems, vol. 16, no. 2, pp. 144-155, Feb. 2008.
[6] D. Arora, S. Ravi, A. Raghunathan, and N.K. Jha, "Secure Embedded Processing through Hardware-Assisted Run-Time Monitoring," Proc. Design, Automation, and Test in Europe Conference and Exhibition (DATE '05), pp. 178-183, Mar. 2005.
[7] R.G. Ragel and S. Parameswaran, "IMPRES: Integrated Monitoring for Processor Reliability and Security," Proc. 43rd Ann. Conf. Design Automation (DAC), pp. 502-505, July 2006.
[8] J. Zambreno, A. Choudhary, R. Simha, B. Narahari, and N. Memon, "SAFE-OPS: An Approach to Embedded Software Security," ACM Trans. Embedded Computing Systems, vol. 4, no. 1, pp. 189-210, Feb. 2005.
[9] M. Abadi, M. Budiu, Ú. Erlingsson, and J. Ligatti, "Control-Flow Integrity Principles, Implementations, and Applications," Proc. ACM Conf. Computer and Comm. Security (CCS), pp. 340-353, Nov. 2005.
[10] N. Nakka, Z. Kalbarczyk, R.K. Iyer, and J. Xu, "An Architectural Framework for Providing Reliability and Security Support," Proc. 2004 Int'l Conf. Dependable Systems and Networks (DSN), pp. 585-594, June 2004.
[11] R.G. Ragel, S. Parameswaran, and S.M. Kia, "Micro Embedded Monitoring for Security in Application Specific Instruction-Set Processors," Proc. 2005 Int'l Conf. Compilers, Architectures, and Synthesis for Embedded Systems (CASES), pp. 304-314, Sept. 2005.
[12] G.E. Suh, J.W. Lee, D. Zhang, and S. Devadas, "Secure Program Execution via Dynamic Information Flow Tracking," Proc. 11th Int'l Conf. Architectural Support for Programming Languages and Operating Systems (ASPLOS-XI), pp. 85-96, Oct. 2004.
[13] Z. Shao, Q. Zhuge, Y. He, and E.H.-M. Sha, "Defending Embedded Systems Against Buffer Overflow via Hardware/Software," Proc. 19th Ann. Computer Security Applications Conf. (ACSAC), pp. 352-363, Dec. 2003.
[14] G.F. Cretu, J.J. Parekh, K. Wang, and S.J. Stolfo, "Intrusion and Anomaly Detection Model Exchange for Mobile Ad-Hoc Networks," Proc. Third IEEE Conf. Consumer Comm. and Networking (CCNC '06), pp. 635-639, Jan. 2006.
[15] M.R. Guthaus, J.S. Ringenberg, D. Ernst, T.M. Austin, T. Mudge, and R.B. Brown, "MiBench: A Free, Commercially Representative Embedded Benchmark Suite," Proc. IEEE Fourth Ann. Workshop Workload Characterization, Dec. 2001.
[16] D. Burger and T.M. Austin, "The SimpleScalar Tool Set, Version 2.0," Dept. of Computer Science, Univ. of Wisconsin in Madison, Technical Report 1342, June 1997.
[17] K.-S. Lhee and S.J. Chapin, "Buffer Overflow and Format String Overflow Vulnerabilities," Software: Practice and Experience, vol. 33, no. 5, pp. 423-460, Apr. 2003.
21 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool