DOI: 10.1145/2744769.2744922
Research article

TyTAN: tiny trust anchor for tiny devices

Published: 07 June 2015

ABSTRACT

Embedded systems are at the core of many security-sensitive and safety-critical applications, including automotive, industrial control systems, and critical infrastructures. Existing protection mechanisms against (software-based) malware are inflexible, too complex, expensive, or do not meet real-time requirements.

We present TyTAN, which, to the best of our knowledge, is the first security architecture for embedded systems that provides (1) hardware-assisted strong isolation of dynamically configurable tasks and (2) real-time guarantees. We implemented TyTAN on the Intel® Siskiyou Peak embedded platform and demonstrate its efficiency and effectiveness through extensive evaluation.


Published in

DAC '15: Proceedings of the 52nd Annual Design Automation Conference
June 2015
1204 pages
ISBN: 9781450335201
DOI: 10.1145/2744769

Copyright © 2015 ACM

Publisher

Association for Computing Machinery, New York, NY, United States
