Security as a new dimension in embedded system design

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback

Security as a new dimension in embedded system design

Full text

Pdf (209 KB)

Source

Annual ACM IEEE Design Automation Conference archive
Proceedings of the 41st annual Design Automation Conference table of contents

San Diego, CA, USA

SESSION: Security as a new dimension in embedded system design table of contents

Pages: 753 - 760

Year of Publication: 2004

ISBN:1-58113-828-8

Authors

Paul Kocher	Cryptography Research, San Francisco, CA
Ruby Lee	Princeton University, Princeton, NJ
Gary McGraw	Cigital, Dulles, VA
Anand Raghunathan	NEC Laboratories America, Princeton, NJ

Moderators

Srivaths Ravi

NEC Corporation

Sponsors

ACM: Association for Computing Machinery
SIGDA: ACM Special Interest Group on Design Automation

Publisher

ACM New York, NY, USA

Bibliometrics

Downloads (6 Weeks): 65, Downloads (12 Months): 500, Citation Count: 19

Additional Information:

abstract references cited by index terms collaborative colleagues

Tools and Actions:	Request Permissions Review this Article Save this Article to a Binder Display Formats: BibTeX EndNote ACM Ref

DOI Bookmark:	Use this link to bookmark this Article: http://doi.acm.org/10.1145/996566.996771 What is a DOI?

ABSTRACT

The growing number of instances of breaches in information security in the last few years has created a compelling case for efforts towards secure electronic systems. Embedded systems, which will be ubiquitously used to capture, store, manipulate, and access data of a sensitive nature, pose several unique and interesting security challenges. Security has been the subject of intensive research in the areas of cryptography, computing, and networking. However, despite these efforts, security is often mis-construed by designers as the hardware or software implementation of specific cryptographic algorithms and security protocols. In reality, it is an entirely new metric that designers should consider throughout the design process, along with other metrics such as cost, performance, and power..This paper is intended to introduce embedded system designers and design tool developers to the challenges involved in designing secure embedded systems. We attempt to provide a unified and holistic view of embedded system security by first analyzing the typical functional security requirements for embedded systems from an end-user perspective. We then identify the implied challenges for embedded system architects, as well as hardware and software designers (e.g., tamper-resistant embedded system design, processing requirements for security, impact of security on battery life for battery-powered systems, etc.). We also survey solution techniques to address these challenges, drawing from both current practice and emerging research, and identify open research problems that will require innovations in embedded system architecture and design methodologies.

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	Counterpane Internet Security, Inc. http://www.counterpane.com.
	2	ePaynews - Mobile Commerce Statistics. http://www.epaynews.com/statistics/mcommstats.html.
	3	William Stallings, Cryptography and network security (2nd ed.): principles and practice, Prentice-Hall, Inc., Upper Saddle River, NJ, 1998
	4	Bruce Schneier, Applied cryptography (2nd ed.): protocols, algorithms, and source code in C, John Wiley & Sons, Inc., New York, NY, 1995
	5	IPSec Working Group. http://www.ietf.org/html.charters/ipsec-charter.html.
	6	SSL 3.0 Specification. http://wp.netscape.com/eng/ssl3/.
	7	Paul Reid, Biometrics and Network Security, Prentice Hall PTR, Upper Saddle River, NJ, 2003
	8	OpenIPMP. http://www.openipmp.org.
	9	Internet Streaming Media Alliance. http:/www.isma.tv/home.
	10	MPEG Open Security for Embedded Systems (MOSES). http://www.crl.co.uk/projects/moses/.MPEG Open Security for Embedded Systems (MOSES). http://www.crl.co.uk/projects/moses/.
	11	Discretix Technologies Ltd. (http://www.discretix.com).
	12	David Lie Chandramohan Thekkath , Mark Mitchell , Patrick Lincoln , Dan Boneh , John Mitchell , Mark Horowitz, Architectural support for copy and tamper resistant software, Proceedings of the ninth international conference on Architectural support for programming languages and operating systems, p.168-177, November 2000, Cambridge, Massachusetts, United States
	13	G. Edward Suh , Dwaine Clarke , Blaise Gassend , Marten van Dijk , Srinivas Devadas, AEGIS: architecture for tamper-evident and tamper-resistant processing, Proceedings of the 17th annual international conference on Supercomputing, June 23-26, 2003, San Francisco, CA, USA [doi>10.1145/782814.782838]
	14	R. M. Best, Crypto Microprocessor for Executing Enciphered Programs. U.S. patent 4,278,837, July 1981.
	15	M. Kuhn, The TrustNo 1 Cryptoprocessor Concept. CS555 Report, Purdue University (http://www.cl.cam.ac.uk/mgk25/), Apr. 1997.
	16	Greg Hoglund , Gary McGraw, Exploiting Software: How to Break Code, Pearson Higher Education, 2004
	17	J. Viega and G. McGraw, Building Secure Software (http://www.buildingsecuresoftware.com). Addison-Wesley, 2001.
	18	G. McGraw, "Software Security," IEEE Security & Privacy, vol. 2, pp. 80--83, March-April 2004.
	19	R. Anderson and M. Kuhn, "Tamper resistance - a cautionary note," 1996.
	20	Ross J. Anderson , Markus G. Kuhn, Low Cost Attacks on Tamper Resistant Devices, Proceedings of the 5th International Workshop on Security Protocols, p.125-136, April 07-09, 1997
	21	O. Kommerling and M. G. Kuhn, "Design principles for tamper-resistant smartcard processors," in Proc. USENIX Wkshp. on Smartcard Technology (Smartcard '99), pp. 9--20, May 1999.
	22	W. Rankl , Wolfgang Effing, Smart Card Handbook, John Wiley & Sons, Inc., New York, NY, 1997
	23	E. Hess, N. Janssen, B. Meyer, and T. Schutze, "Information Leakage Attacks Against Smart Card Implementations of Cryptographic Algorithms and Countermeasures," in Proc. EUROSMART Security Conference, pp. 55--64, June 2000.
	24	J. J. Quisquater and D. Samyde, "Side channel cryptanalysis," in Proc. of the SECI, pp. 179--184, 2002.
	25	John Kelsey , Bruce Schneier , David Wagner , Chris Hall, Side Channel Cryptanalysis of Product Ciphers, Proceedings of the 5th European Symposium on Research in Computer Security, p.97-110, September 16-18, 1998
	26	Srivaths Ravi , Anand Raghunathan , Srimat Chakradhar, Tamper Resistance Mechanisms for Secure, Embedded Systems, Proceedings of the 17th International Conference on VLSI Design, p.605, January 05-09, 2004
	27	Paul C. Kocher, Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems, Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology, p.104-113, August 18-22, 1996
	28	Thomas S. Messerges , Ezzat A. Dabbish , Robert H. Sloan, Examining Smart-Card Security under the Threat of Power Analysis Attacks, IEEE Transactions on Computers, v.51 n.5, p.541-552, May 2002 [doi>10.1109/TC.2002.1004593]
	29	Paul C. Kocher , Joshua Jaffe , Benjamin Jun, Differential Power Analysis, Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology, p.388-397, August 15-19, 1999
	30	U.S. Patents Nos. 6,278,783; 6,289,455; 6,298,442; 6,304,658; 6,327,661; 6,381,699; 6,510,518; 6,539,092; 6,640,305; and 6,654,884. http://www.cryptography.com/technology/dpa/licensing.html.
	31	D. Boneh, R. DeMillo, and R. Lipton, "On the importance of eliminating errors in cryptographic computations," Cryptology, vol. 14, no. 2, pp. 101--119, 2001.
	32	Wim van Eck, Electromagnetic radiation from video display units: an eavesdropping risk?, Computers and Security, v.4 n.4, p.269-286, Dec. 1985 [doi>10.1016/0167-4048(85)90046-X]
	33	Markus G. Kuhn , Ross J. Anderson, Soft Tempest: Hidden Data Transmission Using Electromagnetic Emanations, Proceedings of the Second International Workshop on Information Hiding, p.124-142, April 14-17, 1998
	34	Jean-Jacques Quisquater , David Samyde, ElectroMagnetic Analysis (EMA): Measures and Counter-Measures for Smart Cards, Proceedings of the International Conference on Research in Smart Cards: Smart Card Programming and Security, p.200-210, September 19-21, 2001
	35	Karine Gandolfi , Christophe Mourtel , Francis Olivier, Electromagnetic Analysis: Concrete Results, Proceedings of the Third International Workshop on Cryptographic Hardware and Embedded Systems, p.251-261, May 14-16, 2001
	36	Srivaths Ravi , Anand Raghunathan , Nachiketh Potlapally, Securing wireless data: system architecture challenges, Proceedings of the 15th international symposium on System Synthesis, October 02-04, 2002, Kyoto, Japan [doi>10.1145/581199.581243]
	37	Neil Daswani , Dan Boneh, Experimenting with Electronic Commerce on the PalmPilot, Proceedings of the Third International Conference on Financial Cryptography, p.1-16, February 01, 1999
	38	R. Karri and P. Mishra, "Minimizing Energy Consumption of Secure Wireless Session with QOS constraints," in Proc. Int. Conf. Communications, pp. 2053--2057, 2002.
	39	Nachiketh R. Potlapally , Srivaths Ravi , Anand Raghunathan , Niraj K. Jha, Analyzing the energy consumption of security protocols, Proceedings of the 2003 international symposium on Low power electronics and design, August 25-27, 2003, Seoul, Korea [doi>10.1145/871506.871518]
	40	Xtensa application specific microprocessor solutions - Overview handbook. Tensilica Inc. (http://www.tensilica.com), 2001.
	41	Srivaths Ravi , Anand Raghunathan , Nachiketh Potlapally , Murugan Sankaradass, System design methodologies for a wireless security processing platform, Proceedings of the 39th conference on Design automation, June 10-14, 2002, New Orleans, Louisiana, USA [doi>10.1145/513918.514113]
	42	Jerome Burke , John McDonald , Todd Austin, Architectural support for fast symmetric-key cryptography, Proceedings of the ninth international conference on Architectural support for programming languages and operating systems, p.178-189, November 2000, Cambridge, Massachusetts, United States
	43	Lisa Wu , Chris Weaver , Todd Austin, CryptoManiac: a fast flexible architecture for secure communication, Proceedings of the 28th annual international symposium on Computer architecture, p.110-119, June 30-July 04, 2001, Göteborg, Sweden
	44	Ruby B. Lee , Zhijie Shi , Xiao Yang, Cryptography Efficient Permutation Instructions for Fast Software, IEEE Micro, v.21 n.6, p.56-69, November 2001 [doi>10.1109/40.977759]
	45	Z. Shi, X. Yang, and R. B. Lee, "Arbitrary bit permutations in one or two cycles," in Proc. Int. Conf on Application-Specific Systems, Architectures and Processors, pp. 237--247, June 2003.
	46	C. E. Shannon, "Communication theory of secrecy systems," Bell System Tech. Journal, vol. 28, pp. 656--715, October 1949.
	47	Zhijie Shi , Ruby B. Lee, Bit Permutation Instructions for Accelerating Software Cryptography, Proceedings of the IEEE International Conference on Application-Specific Systems, Architectures, and Processors, p.138, July 10-12, 2000
	48	Fast Subword Permutation Instructions Using Omega and Flip Network Stages, Proceedings of the 2000 IEEE International Conference on Computer Design: VLSI in Computers & Processors, p.15, September 17-20, 2000
	49	Architectural Enhancements for Fast Subword Permutations with Repetitions in Cryptographic Applications, Proceedings of the International Conference on Computer Design: VLSI in Computers & Processors, p.453, September 23-26, 2001
	50	R. B. Lee, Z. Shi, and X. Yang, "How a processor can permute n bits in O(1) cycles," in Proc. Hot Chips 14 - A Symposium on High Performance Chips, Aug. 2002.
	51	Zhijie Jerry Shi , Ruby B. Lee, Bit permutation instructions: architecture, implementation, and cryptographic properties, 2004
	52	Kiyomichi Araki , Takakazu Satoh , Shinji Miura, Overview of Elliptic Curve Cryptography, Proceedings of the First International Workshop on Practice and Theory in Public Key Cryptography: Public Key Cryptography, p.29-49, February 05-06, 1998
	53	Erkay Savas , Alexandre F. Tenca , Çetin Kaya Koç, A Scalable and Unified Multiplier Architecture for Finite Fields GF(p) and GF(2m), Proceedings of the Second International Workshop on Cryptographic Hardware and Embedded Systems, p.277-292, August 17-18, 2000
	54	A. M. Fiskiran and R. B. Lee, PAX: A Datapath-Scalable Minimalist Cryptographic Processor for Mobile Environments (in Embedded Cryptographic Hardware: Design and Security). Nova Science Publishers (to be published), 2004.
	55	Ruby B. Lee , Z. J. Shi , Y. L. Yin , Ronald L. Rivest , M. J. B. Robshaw, On Permutation Operations in Cipher Design, Proceedings of the International Conference on Information Technology: Coding and Computing (ITCC'04) Volume 2, p.569, April 05-07, 2004
	56	HIFN Inc. http://www.hifn.com.
	57	Corrent Inc. http://www.corrent.com.
	58	Broadcom Corporation, BCM5840 Gigabit Security Processor. http://www.broadcom.com.
	59	Next-Generation Secure Computing Base (NGSCB). Microsoft Inc. (http://www.microsoft.com/resources/ngscb/productinfo.mspx).
	60	P. N. Glaskowsky, Microsoft Details Secure PC Plans. Microprocessor Report, In-stat/MDR, June 2003.
	61	Trusted Computing Group. (https://www.trustedcomputinggroup.org/home).
	62	LaGrande Technology for Safer Computing. Intel Inc. (http://www.intel.com/technology/security).
	63	R. York, A New Foundation for CPU Systems Security. ARM Limited (http://www.arm.com/armtech/TrustZone?OpenDocument), 2003.
	64	SmartMIPS. http://www.mips.com.
	65	J. P. McGregor, D. K. Karig, Z. Shi, and R. B. Lee, "A Processor Architecture Defense against Buffer Overflow Attacks," in Proc. Int. Conf. on Information Technology: Research and Education (ITRE), pp. 243--250, Aug. 2003.
	66	Security Requirements for Cryptographic Modules (FIPS PUB 140-2). http://csrc.nist.gov/publications/fips/fips140-2/fips1402.pdf.
	67	Common Criteria for Information Technology Security. http://csrc.nist.gov/cc.
	68	Edmund M. Clarke , Somesh Jha , Wilfredo R. Marrero, Using state space exploration and a natural deduction style message derivation engine to verify security protocols, Proceedings of the IFIP TC2/WG2.2,2.3 International Conference on Programming Concepts and Methods, p.87-106, June 08-12, 1998
	69	G. Lowe, Towards a Completeness Result for Model Checking of Security Protocols, Proceedings of the 11th IEEE Computer Security Foundations Workshop, p.96, June 09-11, 1998
	70	N. Potlapally, S. Ravi, A. Raghunathan, and G. Lakshminarayana, "Algorithm exploration for efficient public-key security processing on wireless handsets," in Proc. Design, Automation, and Test in Europe (DATE) Designers Forum, pp. 42--46, Mar. 2002.
	71	Luca Benini , Alberto Macii , Enrico Macii , Elvira Omerbegovic , Fabrizio Pro , Massimo Poncino, Energy-aware design techniques for differential power analysis protection, Proceedings of the 40th conference on Design automation, June 02-06, 2003, Anaheim, CA, USA [doi>10.1145/775832.775845]
	72	H. Saputra, N. Vijaykrishnan, M. Kandemir, M. J. Irwin, R. Brooks, S. Kim, and W. Zhang, "Masking the Energy Behavior of DES Encryption," pp. 84--89, Mar. 2003.

CITED BY 19

	Dominic Hillenbrand , Jörg Henkel, Block cache for embedded systems, Proceedings of the 2008 conference on Asia and South Pacific design automation, January 21-24, 2008, Seoul, Korea
	Divya Arora , Anand Raghunathan , Srivaths Ravi , Niraj K. Jha, Architectural support for safe software execution on embedded processors, Proceedings of the 4th international conference on Hardware/software codesign and system synthesis, October 22-25, 2006, Seoul, Korea
	Srivaths Ravi , Anand Raghunathan , Paul Kocher , Sunil Hattangady, Security in embedded systems: Design challenges, ACM Transactions on Embedded Computing Systems (TECS), v.3 n.3, p.461-491, August 2004
	Yusuke Matsuoka , Patrick Schaumont , Kris Tiri , Ingrid Verbauwhede, Java cryptography on KVM and its performance and security optimization using HW/SW co-design techniques, Proceedings of the 2004 international conference on Compilers, architecture, and synthesis for embedded systems, September 22-25, 2004, Washington DC, USA
	Pallav Gupta , Srivaths Ravi , Anand Raghunathan , Niraj K. Jha, Efficient fingerprint-based user authentication for embedded systems, Proceedings of the 42nd annual conference on Design automation, June 13-17, 2005, San Diego, California, USA
	Divya Arora , Anand Raghunathan , Srivaths Ravi , Niraj K. Jha, Enhancing security through hardware-assisted run-time validation of program data properties, Proceedings of the 3rd IEEE/ACM/IFIP international conference on Hardware/software codesign and system synthesis, September 19-21, 2005, Jersey City, NJ, USA
	Emerson Farrugia , Robert Simon, An efficient and secure protocol for sensor network time synchronization, Journal of Systems and Software, v.79 n.2, p.147-162, February 2006
	David Hély , Frédéric Bancel , Marie-Lise Flottes , Bruno Rouzeyre, Securing Scan Control in Crypto Chips, Journal of Electronic Testing: Theory and Applications, v.23 n.5, p.457-464, October 2007
	Mario Strasser , Harald Vogt, Autonomous and distributed node recovery in wireless sensor networks, Proceedings of the fourth ACM workshop on Security of ad hoc and sensor networks, October 30-30, 2006, Alexandria, Virginia, USA
	Najwa Aaraj , Srivaths Ravi , Anand Raghunathan , Niraj K. Jha, Architectures for efficient face authentication in embedded systems, Proceedings of the conference on Design, automation and test in Europe: Designers' forum, March 06-10, 2006, Munich, Germany
	Zhenghong Wang , Ruby B. Lee, New cache designs for thwarting software cache-based side channel attacks, ACM SIGARCH Computer Architecture News, v.35 n.2, May 2007
	S. H. K. Narayanan , M. Kandemir , R. Brooks, Performance aware secure code partitioning, Proceedings of the conference on Design, automation and test in Europe, April 16-20, 2007, Nice, France
	Krutartha Patel , Sridevan Parameswaran , Seng Lin Shee, Ensuring secure program execution in multiprocessor embedded systems: a case study, Proceedings of the 5th IEEE/ACM international conference on Hardware/software codesign and system synthesis, September 30-October 03, 2007, Salzburg, Austria
	Najwa Aaraj , Srivaths Ravi , Anand Raghunathan , Niraj K. Jha, Hybrid architectures for efficient and secure face authentication in embedded systems, IEEE Transactions on Very Large Scale Integration (VLSI) Systems, v.15 n.3, p.296-308, March 2007
	Divya Arora , Srivaths Ravi , Anand Raghunathan , Niraj K. Jha, Architectural support for run-time validation of program data properties, IEEE Transactions on Very Large Scale Integration (VLSI) Systems, v.15 n.5, p.546-559, May 2007
	Kris Tiri , Ingrid Verbauwhede, Design Method for Constant Power Consumption of Differential Logic Circuits, Proceedings of the conference on Design, Automation and Test in Europe, p.628-633, March 07-11, 2005
	Shengqi Yang , Wayne Wolf , N. Vijaykrishnan , D. N. Serpanos , Yuan Xie, Power Attack Resistant Cryptosystem Design: A Dynamic Voltage and Frequency Switching Approach, Proceedings of the conference on Design, Automation and Test in Europe, p.64-69, March 07-11, 2005
	Kris Tiri, Side-channel attack pitfalls, Proceedings of the 44th annual conference on Design automation, June 04-08, 2007, San Diego, California
	Jeremy Lee , Mohammad Tehranipoor , Chintan Patel , Jim Plusquellic, Securing Designs against Scan-Based Side-Channel Attacks, IEEE Transactions on Dependable and Secure Computing, v.4 n.4, p.325-336, October 2007