Applied cryptography (2nd ed.): protocols, algorithms, and source code in C
Applied cryptography (2nd ed.): protocols, algorithms, and source code in C
MediaBench: a tool for evaluating and synthesizing multimedia and communicatons systems
MICRO 30 Proceedings of the 30th annual ACM/IEEE international symposium on Microarchitecture
Architectural support for copy and tamper resistant software
ASPLOS IX Proceedings of the ninth international conference on Architectural support for programming languages and operating systems
Writing Secure Code
Cryptography and Network Security: Principles and Practice
Cryptography and Network Security: Principles and Practice
Secure Execution via Program Shepherding
Proceedings of the 11th USENIX Security Symposium
Oblivious Hashing: A Stealthy Software Integrity Verification Primitive
IH '02 Revised Papers from the 5th International Workshop on Information Hiding
Dynamic Self-Checking Techniques for Improved Tamper Resistance
DRM '01 Revised Papers from the ACM CCS-8 Workshop on Security and Privacy in Digital Rights Management
Protecting Software Code by Guards
DRM '01 Revised Papers from the ACM CCS-8 Workshop on Security and Privacy in Digital Rights Management
AEGIS: architecture for tamper-evident and tamper-resistant processing
ICS '03 Proceedings of the 17th annual international conference on Supercomputing
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Exploiting Software: How to Break Code
Exploiting Software: How to Break Code
MiBench: A free, commercially representative embedded benchmark suite
WWC '01 Proceedings of the Workload Characterization, 2001. WWC-4. 2001 IEEE International Workshop
Secure coprocessor-based intrusion detection
EW 10 Proceedings of the 10th workshop on ACM SIGOPS European workshop
StackGuard: automatic adaptive detection and prevention of buffer-overflow attacks
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
Enhancing security through hardware-assisted run-time validation of program data properties
CODES+ISSS '05 Proceedings of the 3rd IEEE/ACM/IFIP international conference on Hardware/software codesign and system synthesis
IMPRES: integrated monitoring for processor reliability and security
Proceedings of the 43rd annual Design Automation Conference
Architectural support for safe software execution on embedded processors
CODES+ISSS '06 Proceedings of the 4th international conference on Hardware/software codesign and system synthesis
Proceedings of the conference on Design, automation and test in Europe
Hardware support for secure processing in embedded systems
Proceedings of the 44th annual Design Automation Conference
Ensuring secure program execution in multiprocessor embedded systems: a case study
CODES+ISSS '07 Proceedings of the 5th IEEE/ACM international conference on Hardware/software codesign and system synthesis
Architectural support for run-time validation of program data properties
IEEE Transactions on Very Large Scale Integration (VLSI) Systems
SHIELD: a software hardware design methodology for security and reliability of MPSoCs
Proceedings of the 45th annual Design Automation Conference
LOCS: a low overhead profiler-driven design flow for security of MPSoCs
CODES+ISSS '08 Proceedings of the 6th IEEE/ACM/IFIP international conference on Hardware/Software codesign and system synthesis
Hierarchical multi-agent protection system for NoC based MPSoCs
Proceedings of the International Workshop on Security and Dependability for Resource Constrained Embedded Systems
Design of a secure packet processor
Proceedings of the 6th ACM/IEEE Symposium on Architectures for Networking and Communications Systems
PoliMakE: a policy making engine for secure embedded software execution on chip-multiprocessors
WESS '10 Proceedings of the 5th Workshop on Embedded Systems Security
Enhancing network-on-chip components to support security of processing elements
WESS '10 Proceedings of the 5th Workshop on Embedded Systems Security
CUFFS: an instruction count based architectural framework for security of MPSoCs
Proceedings of the Conference on Design, Automation and Test in Europe
Securing the data path of next-generation router systems
Computer Communications
IEEE Transactions on Very Large Scale Integration (VLSI) Systems
Worst-case execution time analysis for parallel run-time monitoring
Proceedings of the 49th Annual Design Automation Conference
INVISIOS: A Lightweight, Minimally Intrusive Secure Execution Environment
ACM Transactions on Embedded Computing Systems (TECS)
A survey and taxonomy of on-chip monitoring of multicore systems-on-chip
ACM Transactions on Design Automation of Electronic Systems (TODAES)
Information and Software Technology
Towards trustworthy medical devices and body area networks
Proceedings of the 50th Annual Design Automation Conference
High-performance hardware monitors to protect network processors from data plane attacks
Proceedings of the 50th Annual Design Automation Conference
Leveraging speculative architectures for runtime program validation
ACM Transactions on Embedded Computing Systems (TECS)
Secure embedded system hardware design - A flexible security and trust enhanced approach
Computers and Electrical Engineering
Hi-index | 0.02 |
Security is emerging as an important concern in embedded system design. The security of embedded systems is often compromised due to vulnerabilities in "trusted" software that they execute. Security attacks exploit these vulnerabilities to trigger unintended program behavior, such as the leakage of sensitive data or the execution of malicious code. In this work, we present a hardware-assisted paradigm to enhance embedded system security by detecting and preventing unintended program behavior. Specifically, we extract properties of an embedded program through static program analysis, and use them as the bases for enforcing permissible program behavior in real-time as the program executes. We present an architecture for hardware-assisted run-time monitoring, wherein the embedded processor is augmented with a hardware monitor that observes the processor's dynamic execution trace, checks whether the execution trace falls within the allowed program behavior, and flags any deviations from the expected behavior to trigger appropriate response mechanisms. We present properties that can be used to capture permissible program behavior at different levels of granularity within a program, namely inter-procedural control flow, intra-procedural control flow, and instruction stream integrity. We also present a systematic methodology to design application-specific hardware monitors for any given embedded program. We have evaluated the hardware requirements and performance of the proposed architecture for several embedded software benchmarks. Hardware implementations using a commercial design flow, and architectural simulations using the SimpleScalar framework, indicate that the proposed technique can thwart several common software and physical attacks, facilitating secure program execution with minimal overheads.