Security in embedded systems: Design challenges
TL;DR: An introduction to the challenges involved in secure embedded system design is provided, recent advances in addressing them are discussed, and opportunities for future research are identified.
Abstract: Many modern electronic systems---including personal computers, PDAs, cell phones, network routers, smart cards, and networked sensors to name a few---need to access, store, manipulate, or communicate sensitive information, making security a serious concern in their design. Embedded systems, which account for a wide range of products from the electronics, semiconductor, telecommunications, and networking industries, face some of the most demanding security concerns---on the one hand, they are often highly resource constrained, while on the other hand, they frequently need to operate in physically insecure environments.Security has been the subject of intensive research in the context of general-purpose computing and communications systems. However, security is often misconstrued by embedded system designers as the addition of features, such as specific cryptographic algorithms and security protocols, to the system. In reality, it is a new dimension that designers should consider throughout the design process, along with other metrics such as cost, performance, and power.The challenges unique to embedded systems require new approaches to security covering all aspects of embedded system design from architecture to implementation. Security processing, which refers to the computations that must be performed in a system for the purpose of security, can easily overwhelm the computational capabilities of processors in both low- and high-end embedded systems. This challenge, which we refer to as the "security processing gap," is compounded by increases in the amounts of data manipulated and the data rates that need to be achieved. Equally daunting is the "battery gap" in battery-powered embedded systems, which is caused by the disparity between rapidly increasing energy requirements for secure operation and slow improvements in battery technology. The final challenge is the "assurance gap," which relates to the gap between functional security measures (e.g., security services, protocols, and their constituent cryptographic algorithms) and actual secure implementations. This paper provides an introduction to the challenges involved in secure embedded system design, discusses recent advances in addressing them, and identifies opportunities for future research.
Citations
More filters
19 Oct 2011
TL;DR: This paper focuses on systematically identifying and classifying likely cyber attacks including cyber-induced cyber-physical attack son SCADA systems and highlights commonalities and important features of such attacks that define unique challenges posed to securingSCADA systems versus traditional Information Technology(IT) systems.
Abstract: Supervisory Control and Data Acquisition(SCADA) systems are deeply ingrained in the fabric of critical infrastructure sectors. These computerized real-time process control systems, over geographically dispersed continuous distribution operations, are increasingly subject to serious damage and disruption by cyber means due to their standardization and connectivity to other networks. However, SCADA systems generally have little protection from the escalating cyber threats. In order to understand the potential danger and to protect SCADA systems, in this paper, we highlight their difference from standard IT systems and present a set of security property goals. Furthermore, we focus on systematically identifying and classifying likely cyber attacks including cyber-induced cyber-physical attack son SCADA systems. Determined by the impact on control performance of SCADA systems, the attack categorization criteria highlights commonalities and important features of such attacks that define unique challenges posed to securing SCADA systems versus traditional Information Technology(IT) systems.
433Â citations
TL;DR: The article reviews the most popular peer-to-peer key management protocols for mobile ad hoc networks (MANETs) and discusses and provides comments on the strategy of each group separately.
Abstract: The article reviews the most popular peer-to-peer key management protocols for mobile ad hoc networks (MANETs). The protocols are subdivided into groups based on their design strategy or main characteristic. The article discusses and provides comments on the strategy of each group separately. The discussions give insight into open research problems in the area of pairwise key management.
373Â citations
TL;DR: This paper is presenting an overview about different layered architectures of IoT and attacks regarding security from the perspective of layers, and suggested a new secure layered architecture of IoT to overcome these issues.
Abstract: The use of the Internet is growing in this day and age, so another area has developed to use the Internet, called Internet of Things (IoT). It facilitates the machines and objects to communicate, compute and coordinate with each other. It is an enabler for the intelligence affixed to several essential features of the modern world, such as homes, hospitals, buildings, transports and cities. The security and privacy are some of the critical issues related to the wide application of IoT. Therefore, these issues prevent the wide adoption of the IoT. In this paper, we are presenting an overview about different layered architectures of IoT and attacks regarding security from the perspective of layers. In addition, a review of mechanisms that provide solutions to these issues is presented with their limitations. Furthermore, we have suggested a new secure layered architecture of IoT to overcome these issues.
294Â citations
Cites background from "Security in embedded systems: Desig..."
...Figure 12 lists the typical security requirements seen across an extensive range of IoT to prevent from attacks [102]....
[...]
...Embedded Security Framework [102,103] in Perception Layer It provides not only security but also secure OS, memory and run time environment....
[...]
05 Jul 2011
TL;DR: The need to provide in-built security in the device itself to provide a flexible infrastructure for dynamic prevention, detection, diagnosis, isolation, and countermeasures against successful breaches is highlighted.
Abstract: IoT is going to be an established part of life by extending the communication and networking anytime, anywhere. Security requirements for IoT will certainly underline the importance of properly formulated, implemented, and enforced security policies throughout their life-cycle. This paper gives a detailed survey and analysis of embedded security, especially in the area of IoT. Together with the conventional security solutions, the paper highlights the need to provide in-built security in the device itself to provide a flexible infrastructure for dynamic prevention, detection, diagnosis, isolation, and countermeasures against successful breaches. Based on this survey and analysis, the paper defines the security needs taking into account computational time, energy consumption and memory requirements of the devices. Finally, this paper proposes an embedded security framework as a feature of software/hardware co-design methodology.
249Â citations
05 Jan 2004
TL;DR: This paper surveys various tamper or attack techniques, and explains how they can be used to undermine or weaken security functions in embedded systems.
Abstract: Security is a concern in the design of a wide range of embedded systems. Extensive research has been devoted to the development of cryptographic algorithms that provide the theoretical underpinnings of information security. Functional security mechanisms, such as security protocols, suitably employ these mathematical primitives in order to achieve the desired security objectives. However, functional security mechanisms alone cannot ensure security, since most embedded systems present attackers with an abundance of opportunities to observe or interfere with their implementation, and hence to compromise their theoretical strength. This paper surveys various tamper or attack techniques, and explains how they can be used to undermine or weaken security functions in embedded systems. Tamper-resistant design refers to the process of designing a system architecture and implementation that is resistant to such attacks. We outline approaches that have been proposed to design tamper-resistant embedded systems, with examples drawn from recent commercial products.
245Â citations
Cites background from "Security in embedded systems: Desig..."
...This is especially true for embedded systems, which, due to various constraints, present several unique security challenges [1, 2]....
[...]
References
More filters
15 Aug 1999
TL;DR: In this paper, the authors examine specific methods for analyzing power consumption measurements to find secret keys from tamper resistant devices. And they also discuss approaches for building cryptosystems that can operate securely in existing hardware that leaks information.
Abstract: Cryptosystem designers frequently assume that secrets will be manipulated in closed, reliable computing environments. Unfortunately, actual computers and microchips leak information about the operations they process. This paper examines specific methods for analyzing power consumption measurements to find secret keys from tamper resistant devices. We also discuss approaches for building cryptosystems that can operate securely in existing hardware that leaks information.
6,757Â citations
18 Aug 1996
TL;DR: By carefully measuring the amount of time required to perform private key operalions, attackers may be able to find fixed Diffie-Hellman exponents, factor RSA keys, and break other cryptosystems.
Abstract: By carefully measuring the amount of time required tm perform private key operalions, attackers may be able to find fixed Diffie-Hellman exponents, factor RSA keys, and break other cryptosystems. Against, a valnerable system, the attack is computationally inexpensive and often requires only known ciphertext. Actual systems are potentially at risk, including cryptographic tokens, network-based cryptosystems, and other applications where attackers can make reasonably accurate timing measurements. Techniques for preventing the attack for RSA and Diffie-Hellman are presented. Some cryptosystems will need to be revised to protect against the attack, and new protocols and algorithms may need to incorporate measures to prevenl timing attacks.
3,989Â citations
Book•
19 Aug 1998
TL;DR: The new edition of William Stallings' Cryptography and Network Security: Principles and Practice, 5e is a practical survey of cryptography and network security with unmatched support for instructors and students.
Abstract: William Stallings' Cryptography and Network Security: Principles and Practice, 5e is a practical survey of cryptography and network security with unmatched support for instructors and students. In this age of universal electronic connectivity, viruses and hackers, electronic eavesdropping, and electronic fraud, security is paramount. This text provides a practical survey of both the principles and practice of cryptography and network security. First, the basic issues to be addressed by a network security capability are explored through a tutorial and survey of cryptography and network security technology. Then, the practice of network security is explored via practical applications that have been implemented and are in use today. An unparalleled support package for instructors and students ensures a successful teaching and learning experience. The new edition has been updated to include coverage of the latest topics including expanded coverage of block cipher modes of operation, including authenticated encryption; revised and expanded coverage of AES; expanded coverage of pseudorandom number generation; new coverage of federated identity, HTTPS, Secure Shell (SSH) and wireless network security; completely rewritten and updated coverage of IPsec; and a new chapter on legal and ethical issues.
3,787Â citations
Proceedings Article•
01 Jan 1996
3,526Â citations
Book•
10 Nov 1993
TL;DR: This document describes the construction of protocols and their use in the real world, as well as some examples of protocols used in the virtual world.
Abstract: CRYPTOGRAPHIC PROTOCOLS. Protocol Building Blocks. Basic Protocols. Intermediate Protocols. Advanced Protocols. Esoteric Protocols. CRYPTOGRAPHIC TECHNIQUES. Key Length. Key Management. Algorithm Types and Modes. Using Algorithms. CRYPTOGRAPHIC ALGORITHMS. Data Encryption Standard (DES). Other Block Ciphers. Other Stream Ciphers and Real Random-Sequence Generators. Public-Key Algorithms. Special Algorithms for Protocols. THE REAL WORLD. Example Implementations. Politics. SOURCE CODE.source Code. References.
3,432Â citations