Embedded systems security—an overview

Abstract

Security is an important aspect of embedded system design. The characteristics of embedded systems give rise to a number of novel vulnerabilities. A variety of different solutions are being developed to address these security problems. In this paper, we provide a brief overview of important research topics in this domain.

This is a preview of subscription content, access via your institution.

References

  1. 1.

    Aciiçmez O, Koç ÇK, Seifert J-P (2007) On the power of simple branch prediction analysis. In: ASIACCS ’07: proceedings of the 2nd ACM symposium on information, computer and communications security. ACM, New York, pp 312–320

    Google Scholar 

  2. 2.

    Arora D, Ravi S, Raghunathan A, Jha NK (2005) Secure embedded processing through hardware-assisted runtime monitoring. In: Proceedings of the design, automation and test in Europe (DATE’05), vol 1

  3. 3.

    Ashcraft K, Engler D (2002) Using programmer-written compiler extensions to catch security holes. In: SP ’02: proceedings of the 2002 IEEE symposium on security and privacy. IEEE Computer Society, Washington, p 143

    Google Scholar 

  4. 4.

    Austin TM, Breach SE, Sohi GS (1994) Efficient detection of all pointer and array access errors. In: PLDI ’94: proceedings of the ACM SIGPLAN 1994 conference on programming language design and implementation. ACM, New York, pp 290–301

    Google Scholar 

  5. 5.

    Baratloo A, Singh N, Tsai T (2000) Transparent run-time defense against stack smashing attacks. In: Proceedings of 9th USENIX security symposium, June 2000

  6. 6.

    Barbosa M, Page D (2005) On the automatic construction of indistinguishable operations. In: Cryptography and coding. Lecture notes in computer science, vol 3796. Springer, Berlin, pp 233–247

    Google Scholar 

  7. 7.

    Barrantes EG, Ackley DH, Palmer TS, Stefanovic D, Zovi DD (2003) Randomized instruction set emulation to disrupt binary code injection attacks. In: CCS ’03: proceedings of the 10th ACM conference on computer and communications security. ACM, New York, pp 281–289

    Google Scholar 

  8. 8.

    Benini L, Macii A, Macii E, Omerbegovic E, Pro F, Poncino M (2003) Energy-aware design techniques for differential power analysis protection. In: DAC ’03: proceedings of the 40th conference on design automation. ACM, New York, pp 36–41

    Google Scholar 

  9. 9.

    Benini L, Micheli GD, Macii E, Poncino M, Scarsi R (1999) Symbolic synthesis of clock-gating logic for power optimization of synchronous controllers. ACM Trans Des Autom Electron Syst 4(4):351–375

    Article  Google Scholar 

  10. 10.

    Bhatkar S, DuVarney DC, Sekar R (2003) Address obfuscation: an efficient approach to combat a broad range of memory error exploits. In: 12th USENIX security symposium, Washington, DC, August 2003

  11. 11.

    Biham E, Shamir A (2003) Power analysis of the key scheduling of the AES candidates. In: Second advanced encryption standard (AES) candidate conference, pp 343–347

  12. 12.

    Boneh D, DeMillo RA, Lipton RJ (1997) On the importance of checking cryptographic protocols for faults. In: Lecture notes in computer science, vol 1233. Springer, Berlin, pp 37–51

    Google Scholar 

  13. 13.

    Boneh D, DeMillo RA, Lipton RJ (2001) On the importance of eliminating errors in cryptographic computations. J Cryptol 14(2):101–119

    MATH  Article  MathSciNet  Google Scholar 

  14. 14.

    Bray B (2002) Compiler security checks in depth. Available at http://www.codeproject.com/tips/seccheck.asp, February 2002

  15. 15.

    Brumley D, Boneh D (2003) Remote timing attacks are practical. In: Proceedings of the 12th USENIX security symposium, August 2003

  16. 16.

    Bulba and Kil3r (2000) Bypassing stackguard and stackshield. Phrack Mag 10(56)

  17. 17.

    Bush WR, Pincus JD, Sielaff DJ (2000) A static analyzer for finding dynamic programming errors. Softw Pract Exp 30(7):775–802

    MATH  Article  Google Scholar 

  18. 18.

    CERT Coordination Center (2004) Vulnerability notes database. CERT Coordination Center

  19. 19.

    CERT Coordination Center (2005) CERT/CC vulnerabilities statistics 1988–2005. CERT Coordination Center

  20. 20.

    Chari S, Jutla C, Rao JR, Rohatgi P (1999) A cautionary note regarding evaluation of AES candidates on smart-cards. In: Second advanced encryption standard (AES) candidate conference, Rome, Italy. http://csrc.nist.gov/encryption/aes/round1/conf2/aes2conf.htm

  21. 21.

    Chari S, Jutla CS, Rao JR, Rohatgi P (1999) Towards sound approaches to counteract power-analysis attacks. In: CRYPTO, pp 398–412

  22. 22.

    Chaumette S, Sauveron D, New security problems raised by open multiapplication smart cards

  23. 23.

    Chevalier-Mames B, Ciet M, Joye M (2004) Low-cost solutions for preventing simple sidechannel analysis: side-channel atomicity. IEEE Trans Comput 53(6):760–768

    Article  Google Scholar 

  24. 24.

    Chew M, Song D (2002) Mitigating buffer overflows by operating system randomization. Technical Report CMU-CS-02-197, Department of Computer Science, Carnegie Mellon University, December 2002

  25. 25.

    Condit J, Harren M, McPeak S, Necula GC, Weimer W (2003) CCured in the real world. In: PLDI ’03: proceedings of the ACM SIGPLAN 2003 conference on programming language design and implementation. ACM, New York, pp 232–244

    Google Scholar 

  26. 26.

    Cousot P, Halbwachs N (1978) Automatic discovery of linear restraints among variables of a program. In: POPL ’78: proceedings of the 5th ACM SIGACT-SIGPLAN symposium on principles of programming languages. ACM, New York, pp 84–96

    Google Scholar 

  27. 27.

    Cowan C, Barringer M, Beattie S, Kroah-Hartman G, Frantzen M, Lokier J (2001) Formatguard: automatic protection from printf format string vulnerabilities. In: Proceedings of the 10th USENIX security symposium. USENIX Association, Berkeley, pp 191–200

    Google Scholar 

  28. 28.

    Daemen J, Peeters M, Assche GV (2001) Bitslice ciphers and power analysis attacks. In: FSE ’00: proceedings of the 7th international workshop on fast software encryption. Springer, London, pp 134–149

    Google Scholar 

  29. 29.

    Daemen J, Rijmen V (1999) Resistance against implementation attacks: a comparative study of the AES proposals. URL: http://csrc.nist.gov/CryptoToolkit/aes/round1/pubcmnts.htm

  30. 30.

    Danil S, Julian M, Alexander B, Alex Y (2005) Design and analysis of dual-rail circuits for security applications. IEEE Trans Comput 54(4):449–460

    Article  Google Scholar 

  31. 31.

    Deeprasertkul P, Bhattarakosol P, O’Brien F (2005) Automatic detection and correction of programming faults for software applications. J Syst Softw 78(2):101–110

    Article  Google Scholar 

  32. 32.

    DeLine R, Fahndrich M (2001) Enforcing high-level protocols in low-level software. SIGPLAN Notes 36(5):59–69

    Article  Google Scholar 

  33. 33.

    Designer S (1997) Non-executable stack patch. Available at http://www.usenix.org/events/sec02/full_papers/lhee/lhee_html/node7.html

  34. 34.

    Dhem J-F, Feyt N (2001) Hardware and software symbiosis helps smart card evolution. IEEE Micro 21(6):14–25

    Article  Google Scholar 

  35. 35.

    Dhurjati D, Kowshik S, Adve V, Lattner C (2003) Memory safety without runtime checks or garbage collection. In: LCTES ’03: proceedings of the 2003 ACM SIGPLAN conference on language, compiler, and tool for embedded systems. ACM, New York, pp 69–80

    Google Scholar 

  36. 36.

    Erlingsson Ü, Schneider FB (2000) SASI enforcement of security policies: a retrospective. In: NSPW ’99: proceedings of the 1999 workshop on new security paradigms. ACM, New York, pp 87–95

    Google Scholar 

  37. 37.

    Evans D, Twyman A (1999) Flexible policy-directed code safety. In: IEEE symposium on security and privacy, pp 32–45

  38. 38.

    Fink G, Bishop M (1997) Property-based testing: a new approach to testing for assurance. SIGSOFT Softw Eng Notes 22(4):74–80

    Article  Google Scholar 

  39. 39.

    Fiskiran A, Lee R (2004) Evaluating instruction set extensions for fast arithmetic on binary finite fields. In: Proceedings of the 15th IEEE international conference on application-specific systems, architectures and processors, pp 125–136

  40. 40.

    Forrest S, Hofmeyr SA, Somayaji A, Longstaff TA (1996) A sense of self for Unix processes. In: SP ’96: proceedings of the 1996 IEEE symposium on security and privacy. IEEE Computer Society, Washington, p 120

    Google Scholar 

  41. 41.

    Frantzen M, Shuey M (2001) StackGhost: hardware facilitated stack protection. In: 10th USENIX security symposium, pp 55–66

  42. 42.

    Gebotys C (2006) A table masking countermeasure for low-energy secure embedded systems. IEEE Trans Very Large Scale Integr Syst 14(7):740–753

    Article  Google Scholar 

  43. 43.

    Gebotys CH, Gebotys RJ (2003) Secure elliptic curve implementations: an analysis of resistance to power-attacks in a DSP processor. In: CHES ’02: revised papers from the 4th international workshop on cryptographic hardware and embedded systems. Springer, London, pp 114–128

    Google Scholar 

  44. 44.

    Gebotys CH, White BA (2006) Methodology for attack on a Java-based PDA. In: CODES+ISSS ’06. ACM, New York, pp 94–99

    Google Scholar 

  45. 45.

    Ghosh AK, O’Connor T (1998) Analyzing programs for vulnerability to buffer overrun attacks. In: Proceedings of the 21st NIST-NCSC national information systems security conference, pp 274–382

  46. 46.

    Goubin L, Patarin J (1999) Des and differential power analysis (the “duplication” method). In: CHES ’99: proceedings of the first international workshop on cryptographic hardware and embedded systems. Springer, London, pp 158–172

    Google Scholar 

  47. 47.

    Großschädl J, Savas E (2004) Instruction set extensions for fast arithmetic in finite fields gf(p) and gf(2m). In: CHES, pp 133–147

  48. 48.

    Hofmeyr SA, Forrest S, Somayaji A (1998) Intrusion detection using sequences of system calls. J Comput Secur 6(3):151–180

    Google Scholar 

  49. 49.

    Irwin J, Page D, Smart NP (2002) Instruction stream mutation for non-deterministic processors. In: ASAP ’02: proceedings of the IEEE international conference on application-specific systems, architectures, and processors. IEEE Computer Society, Washington, p 286

    Google Scholar 

  50. 50.

    Joglekar SP, Tate SR (2004) Protomon: embedded monitors for cryptographic protocol intrusion detection and prevention. In: Proceedings on the international conference on information technology: coding and computing (ITCC’04), vol 1. IEEE Computer Society, Washington, p 81

    Google Scholar 

  51. 51.

    Kc GS, Keromytis AD, Prevelakis V (2003) Countering code-injection attacks with instruction-set randomization. In: CCS ’03: proceedings of the 10th ACM conference on computer and communications security. ACM, New York, pp 272–280

    Google Scholar 

  52. 52.

    Kessels J, Kramer T, den Besten G, Peeters A, Timm V (2000) Applying asynchronous circuits in contactless smart cards. In: Advanced research in asynchronous circuits and systems (ASYNC 2000), pp 36–44

  53. 53.

    Kiriansky V, Bruening D, Amarasinghe SP (2002) Secure execution via program shepherding. In: Proceedings of the 11th USENIX security symposium. USENIX Association, Berkeley, pp 191–206

    Google Scholar 

  54. 54.

    Kocher P, Jaffe J, Jun B (1999) Differential power analysis. In: Lecture notes in computer science, vol 1666. Springer, Berlin, pp 388–397

    Google Scholar 

  55. 55.

    Kocher P, Jaffe J, Jun B (1999) Using unpredictable information to minimize leakage from smartcards and other cryptosystems. US Patent 6327661

  56. 56.

    Koeune F, Standaert F-X (2006) A tutorial on physical security and side-channel attacks. In: Foundations of security analysis and design III: FOSAD 2004/2005, pp 78–108

  57. 57.

    Koopman P (2004) Embedded system security. Computer 37(7):95–97

    Article  MathSciNet  Google Scholar 

  58. 58.

    Lampson BW (1971) Protection. ACM Oper Syst 8(1):18–24

    Article  Google Scholar 

  59. 59.

    Mangard S (2003) A simple power-analysis (SPA) attack on implementations of the AES key expansion. In: Lee PJ, Lim CH (eds) Proceedings of the 5th international conference on information security and cryptology (ICISC 2002). Lecture notes in computer science, vol 2587. Springer, Berlin, pp 343–358

    Google Scholar 

  60. 60.

    Mao S, Wolf T (2007) Hardware support for secure processing in embedded systems. In: Proceedings of 44th design automation conference (DAC), pp 483–488, San Diego, CA, June 2007

  61. 61.

    Messier M, Viega J (2005) Safe C string library. Available at http://www.zork.org/safestr/

  62. 62.

    May D, Muller HL, Smart NP (2001) Non-deterministic processors. In: ACISP ’01: proceedings of the 6th Australasian conference on information security and privacy. Springer, London, pp 115–129

    Google Scholar 

  63. 63.

    May D, Muller HL, Smart NP (2001) Random register renaming to foil dpa. In: CHES ’01: proceedings of the third international workshop on cryptographic hardware and embedded systems. Springer, London, pp 28–38

    Google Scholar 

  64. 64.

    Milenkovic M, Milenkovic A, Jovanov E (2005) Hardware support for code integrity in embedded processors. In: CASES ’05: proceedings of the 2005 international conference on compilers, architectures and synthesis for embedded systems. ACM, New York, pp 55–65

    Google Scholar 

  65. 65.

    Miller TC (1999) Strlcpy and strlcat—consistent, safe, string copy and concatenation. In: 1999 USENIX annual technical conference. USENIX Association, Monterey, pp 175–178

    Google Scholar 

  66. 66.

    Muresan R, Gebotys CH (2004) Current flattening in software and hardware for security applications. In: CODES+ISSS, pp 218–223

  67. 67.

    Muresan R, Vahedi H, Zhanrong Y, Gregori S (2005) Power-smart system-on-chip architecture for embedded cryptosystems. In: CODES+ISSS ’05: proceedings of the 3rd IEEE/ACM/IFIP international conference on hardware/software codesign and system synthesis. ACM, New York, pp 184–189

    Google Scholar 

  68. 68.

    Necula GC (1997) Proof-carrying code. In: Conference record of POPL ’97: the 24th ACM SIGPLAN-SIGACT symposium on principles of programming languages, Paris, France, January 1997, pp 106–119

  69. 69.

    Nedjah N, de Macedo Mourelle L, da Silva RM (2007) Efficient hardware for modular exponentiation using the sliding-window method. In: ITNG ’07: proceedings of the international conference on information technology. IEEE Computer Society, Washington, pp 17–24

    Google Scholar 

  70. 70.

    Wikipedia Foundation Inc. (2006) Pirate decryption definition. The free encyclopedia. http://en.wikipedia.org/wiki/Pirate_decryption

  71. 71.

    Quisquater J, Samyde D (2001) Electro magnetic analysis (EMA): measures and counter-measures for smart cards. In: E-smart, pp 200–210

  72. 72.

    Ragel RG, Parameswaran S (2006) IMPRES: integrated monitoring for processor reliability and security. In: Proceedings of the design and automation conference 2006 (DAC’06). ACM, San Fransisco, pp 502–505

    Google Scholar 

  73. 73.

    Ragel RG, Parameswaran S, Kia SM (2005) Micro embedded monitoring for security in application specific instruction-set processors. In: Proceedings of the international conference on compilers, architectures, and synthesis for embedded systems (CASES’05). ACM, San Francisco

    Google Scholar 

  74. 74.

    Rakers P, Connell L, Collins T, Russell D (2001) Secure contactless smartcard ASIC with DPA protection. IEEE J Solid-State Circuits, pp 559–565

  75. 75.

    Rao JR, Rohatgi P (2001) Empowering side-channel attacks. Cryptology ePrint Archive, Report 2001/037

  76. 76.

    Ravi S, Raghunathan A, Chakradhar S (2004) Tamper resistance mechanisms for secure, embedded systems. In: 17th international conference on VLSI design, January 2004

  77. 77.

    Ravi S, Raghunathan A, Kocher P, Hattangady S (2004) Security in embedded systems: design challenges. Trans Embed Comput Syst 3(3):461–491

    Article  Google Scholar 

  78. 78.

    Rostovtsev A, Shemyakina O (2005) AES side channel attack protection using random isomorphisms. Cryptology ePrint Archive, Report 2005/087

  79. 79.

    Sakai Y, Sakurai K (2006) Simple power analysis on fast modular reduction with generalized mersenne prime for elliptic curve cryptosystems. IEICE Trans Fundam Electron Commun Comput Sci E89-A(1):231–237

    Google Scholar 

  80. 80.

    Saputra H, Vijaykrishnan N, Kandemir M, Irwin MJ, Brooks R, Kim S, Zhang W (2003) Masking the energy behavior of des encryption. 01:10084

  81. 81.

    Wikipedia Foundation Inc. (2006) SCA definition. The free encyclopedia. http://en.wikipedia.org/wiki/Static_code_analysis

  82. 82.

    Sekar R, Bendre M, Dhurjati D, Bollineni P (2001) A fast automaton-based method for detecting anomalous program behaviors. In: SP ’01: proceedings of the 2001 IEEE symposium on security and privacy. IEEE Computer Society, Washington, p 144

    Google Scholar 

  83. 83.

    Sprunk E (1999) Clock frequency modulation for secure microprocessors. US Patent WO 99/63696

  84. 84.

    Tillich S, Großschädl J (2006) Instruction set extensions for efficient AES implementation on 32-bit processors. In: CHES, pp 270–284

  85. 85.

    Tillich S, Großschädl J (2007) Power-analysis resistant AES implementation with instruction set extensions. In: Paillier P, Verbauwhede I (eds) Proceedings of the 9th international workshop on cryptographic hardware and embedded systems (CHES 2007), Wienna, Austria, September 10–13. Lecture notes in computer science, vol. 4727. Springer, Berlin, pp 303–319

    Google Scholar 

  86. 86.

    Trichina E, Seta DD, Germani L (2003) Simplified Adaptive Multiplicative Masking for AES. In: CHES ’02: revised papers from the 4th international workshop on cryptographic hardware and embedded systems. Springer, London, pp 187–197

    Google Scholar 

  87. 87.

    Wayner P (1998) Code breaker cracks smart cards’ digital safe. In: New York Times, p C1

  88. 88.

    Wolf W (2005) Multimedia applications of multiprocessor systems-on-chips. In: DATE ’05: proceedings of the conference on design, automation and test in Europe. IEEE Computer Society, Washington, pp 86–89

    Google Scholar 

  89. 89.

    YongBin Zhou DF (2005) Side-channel attacks: ten years after its publication and the impacts on cryptographic module security testing. Cryptology ePrint Archive, 2005/388

Download references

Author information

Affiliations

Authors

Corresponding author

Correspondence to Tilman Wolf.

Rights and permissions

Reprints and Permissions

About this article

Cite this article

Parameswaran, S., Wolf, T. Embedded systems security—an overview. Des Autom Embed Syst 12, 173–183 (2008). https://doi.org/10.1007/s10617-008-9027-x

Download citation

Keywords

  • Embedded system design
  • Vulnerabilities
  • Security