Blurring the line between software and hardware, reconfigurable devices strike a balance between the raw high speed of custom silicon and the post-fabrication flexibility of general-purpose processors. While this flexibility is a boon for embedded system developers, who can now rapidly prototype and deploy solutions with performance approaching custom designs, this results in a system development methodology where functionality is stitched together from a variety of “soft IP cores, ” often provided by multiple vendors with different levels of trust. Unlike traditional software where resources are managed by an operating system, soft IP cores necessarily have very fine grain control over the underlying hardware. To address this problem, the embedded systems community requires novel security primitives

Small embedded integrated circuits (ICs) such as smart cards are vulnerable to the so-called side-channel attacks (SCAs). The attacker can gain information by monitoring the power consumption, execution time, electromagnetic radiation, and other information leaked by the switching behavior of digital complementary metal–oxide–semiconductor (CMOS) gates. This paper presents a digital very large scale integrated (VLSI) design flow to create secure power-analysis-attack-resistant ICs. The design flow starts from a normal design in a hardware description language such as very-high-speed integrated circuit (VHSIC) hardware description language (VHDL) or Verilog and provides a direct path to an SCA-resistant layout. Instead of a full custom layout or an iterative design process with extensive simulations, a few key modifications are incorporated in a regular synchronous CMOS standard cell design flow. The basis for power analysis attack resistance is discussed. This paper describes how to adjust the library databases such that the regular single-ended static CMOS standard cells implement a dynamic and differential logic style and such that 20 000+ differential nets can be routed in parallel. This paper also explains how to modify the constraints and rules files for the synthesis, place, and differential route procedures. Measurement-based experimental results have demonstrated that the secure digital design flow is a functional technique to thwart side-channel power analysis. It successfully protects a prototype Advanced Encryption Standard (AES) IC fabricated in an 0.18-µm CMOS.

Abstract. While processor based systems often enforce memory protection to prevent the unintended sharing of data between processes, current systems built around reconfigurable hardware typically offer no such protection. Several reconfigurable cores are often integrated onto a single chip where they share external resources such as memory. While this enables small form factor and low cost designs, it opens up the opportunity for modules to intercept or even interfere with the operation of one another. We investigate the design and synthesis of a memory protection mechanism capable of enforcing policies expressed as a formal language. Our approach includes a specialized compiler that translates a policy of legal sharing to reconfigurable logic blocks which can be directly transferred to an FPGA. The efficiency of our access language design flow is evaluated in terms of area and cycle time across a variety of security scenarios.

Abstract. Replay attacks are often the most costly attacks to thwart when dealing with off-chip memory integrity. With a trusted System-on-Chip, the existing countermeasures against replay require a large amount of on-chip memory to provide tamper-proof storage for metadata such as hash values or nonces. Tree-based strategies can be deployed to reduce this unacceptable overhead; for example, the well-known Merkle tree technique decreases this overhead to a single hash value. However, it comes at the cost of performancekilling characteristics for embedded systems – e.g. non-parallelizable hash computations on tree updates. In this paper, we propose an alternative solution: the Tamper-Evident Counter Tree (TEC-Tree). It allows for tamper-evident offchip storage of the nonces involved in a replay countermeasure; TEC-Tree parallelizes the computations involved in both the authentication and tree update processes. Moreover, because our tree relies on block encryption, it provides data confidentiality at no extra cost. TEC-Tree is a deployable solution for memory integrity, with low performance hit and hardware cost.

Exploitation of buffer overflow vulnerabilities constitutes a significant portion of security attacks in computer systems. One of the most common types of buffer overflow attacks is the hijacking of the program counter by overwriting function return addresses in the process ’ stack so as to redirect the program’s control flow to some malicious code injected into the process ’ memory. Previous solutions to this problem are based either on hardware or the compiler. The former requires special hardware while the latter requires the source code of the software. In this paper we introduce the use of a Transparent RUntime Shadow Stack (TRUSS) to protect against function return address modification. Our proposed scheme is built on top of DynamoRIO, a dynamic binary rewriting framework. DynamoRIO is implemented on both Windows and Linux. Hence, our scheme is able to protect applications on both operating systems. We have successfully tested our implementation on the SPECINT 2000 benchmark programs on both Windows and Linux, John Wilander’s “Dynamic testbed for twenty buffer overflow attacks” as well as Microsoft Access, Powerpoint and Word 2002. This paper will discuss the implementation details of our scheme as well as provide a performance evaluation. The latter shows that TRUSS is able to operate with an average overhead of about 20 % to 50 % which we believe is acceptable. 1

There is an ever increasing concern about security threats as embedded systems are moving towards networked applications. Model based approaches have proven to be effective techniques for embedded systems design. However, existing modeling tools were not designed to meet the current and future security challenges of networked embedded systems. In this paper, we propose a framework to incorporate security modeling into embedded system design. We’ve developed a security analysis tool that can easily integrate with existing tool chains to create co-design environments that addresses security, functionality and system architecture aspects of embedded systems concurrently. 1.

This paper presents a methodology for monitoring security in Application Specific Instruction-set Processors (ASIPs). This is a generalized methodology for inline monitoring insecure operations in machine instructions at microinstruction level. Microinstructions are embedded into the critical machine instructions forming self checking instructions. We name this method Micro Embedded Monitoring. Since ASIPs are designed exclusively for a particular application domain, the Instruction Set Architecture (ISA) of an ASIP is based on the application executed. Knowledge of the domain gives an insight into the kinds of the security threats which need to be considered. The fact that the ISA design is based on the application makes room to accommodate security monitoring support during the design phase by embedding microinstructions into the critical machine instructions. Since the microinstructions are the lowest possible software level architecture, we could expect to get better performance by implementing security detection using microinstruction routines. Four different embedded security monitoring routines are implemented for evaluation. The average performance penalty with these monitoring routines with ten different benchmarks is 1.93 % while the average area and power overheads are 5.26 % and 3.07 % respectively.

Intrusion or misbehaviour detection systems are an important and widely accepted security tool in computer and wireless sensor networks. Their aim is to detect misbehaving or faulty nodes in order to take appropriate countermeasures, thus limiting the damage caused by adversaries as well as by hard or software faults. So far, however, once detected, misbehaving nodes have just been isolated from the rest of the sensor network and hence are no longer usable by running applications. In the presence of an adversary or software faults, this proceeding will inevitably lead to an early and complete loss of the whole network. For this reason, we propose to no longer expel misbehaving nodes, but to recover them into normal operation. In this paper, we address this problem and present a formal specification of what is considered a secure and correct node recovery algorithm together with a distributed algorithm that meets these properties. We discuss its requirements on the soft- and hardware of a node and show how they can be fulfilled with current and upcoming technologies. The algorithm is evaluated analytically as well as by means of extensive simulations, and the findings are compared to the outcome of a real implementation for the BTnode sensor platform. The results show that recovering sensor nodes is an expensive, though feasible and worthwhile task. Moreover, the proposed program code update algorithm is not only secure but also fair and robust. Categories and Subject Descriptors C.2.0 [Computer-communication networks]: General— Security and protection

Many modern electronic systems—including personal computers, PDAs, cell phones, network routers, smart cards, and networked sensors to name a few—need to access, store, manipulate, or communicate sensitive information, making security a serious concern in their design. Embedded systems, which account for a wide range of products from the electronics, semiconductor, telecommunications, and networking industries, face some of the most demanding security concerns—on the one hand, they are often highly resource constrained, while on the other hand, they frequently need to operate in physically insecure environments. Security has been the subject of intensive research in the context of general-purpose computing and communications systems. However, security is often misconstrued by embedded system designers as the addition of features, such as specific cryptographic algorithms and security protocols, to the system. In reality, it is a new dimension that designers should consider throughout the design process, along with other metrics such as cost, performance, and power. The challenges unique to embedded systems require new approaches to security covering all aspects of embedded system design from architecture to implementation. Security processing, which refers to the computations that must be performed in a system for the purpose of security, can

Biometrics represent a promising approach for reliable and secure user authentication. However, they have not yet been widely adopted in embedded systems, particularly in resource-constrained devices such as cell phones and personal digital assistants (PDAs). In this paper, we investigate the challenges involved in using face-based biometrics for authenticating a user to an embedded system. To enable high authentication accuracy, we consider robust face verifiers based on principal component analysis/linear discriminant analysis (PCA-LDA) algorithms and Bayesian classifiers, and their combined use (multi-modal biometrics). Since embedded systems are severely constrained in their processing capabilities, algorithms that provide sufficient accuracy tend to be computationally expensive, leading to unacceptable authentication times. On the other hand, achieving acceptable performance often comes at the cost of degradation in the quality of results. Our work aims at developing embedded processing architectures that