Building a high-performance, programmable secure coprocessor
Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue on computer network security
Architectural support for copy and tamper resistant software
ASPLOS IX Proceedings of the ninth international conference on Architectural support for programming languages and operating systems
Enabling trusted software integrity
Proceedings of the 10th international conference on Architectural support for programming languages and operating systems
Proceedings of the 10th international conference on Architectural support for programming languages and operating systems
Tamper Resistant Software: An Implementation
Proceedings of the First International Workshop on Information Hiding
Dynamic Self-Checking Techniques for Improved Tamper Resistance
DRM '01 Revised Papers from the ACM CCS-8 Workshop on Security and Privacy in Digital Rights Management
Protecting Software Code by Guards
DRM '01 Revised Papers from the ACM CCS-8 Workshop on Security and Privacy in Digital Rights Management
AEGIS: architecture for tamper-evident and tamper-resistant processing
ICS '03 Proceedings of the 17th annual international conference on Supercomputing
A secure and reliable bootstrap architecture
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
An FPGA implementation of an elliptic curve processor GF(2m)
Proceedings of the 14th ACM Great Lakes symposium on VLSI
Hardware assisted control flow obfuscation for embedded processors
Proceedings of the 2004 international conference on Compilers, architecture, and synthesis for embedded systems
HIDE: an infrastructure for efficiently protecting information leakage on the address bus
ASPLOS XI Proceedings of the 11th international conference on Architectural support for programming languages and operating systems
A 21.54 Gbits/s Fully Pipelined AES Processor on FPGA
FCCM '04 Proceedings of the 12th Annual IEEE Symposium on Field-Programmable Custom Computing Machines
SAFE-OPS: An approach to embedded software security
ACM Transactions on Embedded Computing Systems (TECS)
Hardware support for code integrity in embedded processors
Proceedings of the 2005 international conference on Compilers, architectures and synthesis for embedded systems
MiBench: A free, commercially representative embedded benchmark suite
WWC '01 Proceedings of the Workload Characterization, 2001. WWC-4. 2001 IEEE International Workshop
Design principles for tamper-resistant smartcard processors
WOST'99 Proceedings of the USENIX Workshop on Smartcard Technology on USENIX Workshop on Smartcard Technology
Secure coprocessors in electronic commerce applications
WOEC'95 Proceedings of the 1st conference on USENIX Workshop on Electronic Commerce - Volume 1
StackGuard: automatic adaptive detection and prevention of buffer-overflow attacks
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
Finding collisions in the full SHA-1
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Memory monitor module for embedded systems
Computers and Electrical Engineering
ARMORY: An automatic security testing tool for buffer overflow defect detection
Computers and Electrical Engineering
| Hi-index | 0.02 |
Because of their rapid growth in recent years, embedded systems present a new front in vulnerability and an attractive target for attackers. Their pervasive use, including sensors and mobile devices, makes it easier for an adversary to gain physical access to facilitate both attacks and reverse engineering of the system. This paper describes a system - CODESSEAL - for software protection and evaluates its overhead. CODESSEAL aims to protect embedded systems from attackers with enough expertise and resources to capture the device and attempt to manipulate not only software, but also hardware. The protection mechanism involves both a compiler-based software tool that instruments executables and an on-chip FPGA-based hardware component that provides run-time integrity and control flow checking on the executable code. The use of reconfigurable hardware allows CODESSEAL to provide such security services as confidentiality, integrity and program-flow protection in a platform-independent manner without requiring a redesign of the processor. Similarly, the compiler instrumentation hides the security details from software developers. Software and data protection techniques are presented for our system and a performance analysis is provided using cycle accurate simulation. Our experimental results show that protecting instructions and data with a high level of security can be achieved with low performance penalty, in most cases less than 10%.