Abstract
The new-found ubiquity of embedded processors in consumer and industrial applications brings with it an intensified focus on security, as a strong level of trust in the system software is crucial to their widespread deployment. The growing area of software protection attempts to address the key steps used by hackers in attacking a software system. In this paper, we introduce a unique approach to embedded software protection that utilizes a hardware/software codesign methodology. Results demonstrate that this framework can be the successful basis for the development of embedded applications that meet a wide range of security and performance requirements.
SAFE-OPS: An approach to embedded software security