Expert Knowledge Based Design and Verification of Secure Systems with Embedded Devices

  • Vasily Desnitsky
  • Igor Kotenko
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8708)

Abstract

The sweeping growth of the amount of embedded devices together with their extensive spread pose extensively new design challenges for protection of embedded systems against a wide set of security threats. The embedded device specificity implies combined protection mechanisms require effective resource consumption of their software/hardware modules. At that the design complexity of modern embedded devices, characterized by the proper security level and acceptable resource consumption, is determined by a low structuring and formalization of security knowledge. The paper proposes an approach to elicit security knowledge for subsequent use in automated design and verification tools for secure systems with embedded devices.

Keywords

Embedded security embedded device design and verification security components expert knowledge 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Abraham, D.G., Dolan, G.M., Double, G.P., Stevens, J.V.: Transaction security system. IBM Systems Journal 30(2), 206–228 (1991)CrossRefGoogle Scholar
  2. 2.
    Agaskar, A., He, T., Tong, L.: Distributed Detection of Multi-hop Information Flows with Fusion Capacity Constraints. IEEE Transactions on Signal Processing 58(6), 3373–3383 (2010)CrossRefMathSciNetGoogle Scholar
  3. 3.
    Arbaugh, W.A., van Doorn, L.: Embedded security: challenges and concerns. Computer Journal 34(10), 40–41 (2001)CrossRefGoogle Scholar
  4. 4.
    Braghin, C., Sharygina, N., Barone-Adesi, K.: A model checking-based approach for security policy verification of mobile systems. Formal Aspects of Computing Journal, 627–648 (2011)Google Scholar
  5. 5.
    Burleson, W., Clark, S.S., Ransford, B., Fu, K.: Design challenges for secure implantable medical devices. In: 49th ACM/EDAC/IEEE Design Automation Conference (DAC), pp. 12–17 (2012)Google Scholar
  6. 6.
    Chechulin, A., Kotenko, I., Desnitsky, V.: An approach for network information flow analysis for systems of embedded components. In: Kotenko, I., Skormin, V. (eds.) MMM-ACNS 2012. LNCS, vol. 7531, pp. 146–155. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  7. 7.
    Cederquist, J.G., Torabi Dashti, M.: An intruder model for verifying liveness in security protocols. In: Proceedings of FMSE 2006, pp. 23–32 (2006)Google Scholar
  8. 8.
    Desnitsky, V., Kotenko, I., Chechulin, A.: Configuration-based approach to embedded device security. In: Kotenko, I., Skormin, V. (eds.) MMM-ACNS 2012. LNCS, vol. 7531, pp. 270–285. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  9. 9.
    Dick, N., McCallum, N.: High-speed security Embedded security. Communications Engineer Journal 2(2), 37–39 (2004)CrossRefGoogle Scholar
  10. 10.
    Eisenring, M., Thiele, L., Zitzler, E.: Conflicting criteria in embedded system design. IEEE Design & Test of Computers Journal 17(2), 51–59 (2000)CrossRefGoogle Scholar
  11. 11.
    Feigenbaum, J., Freedman, M.J., Tomas, S., Shostack, A.: Privacy Engineering for Digital Rights Management Systems. In: Proceedings of the ACM Workshop on Security and Privacy in Digital Rights Management, pp. 76–105 (2001)Google Scholar
  12. 12.
    Gogniat, G., Wolf, T., Burleson, W.: Reconfigurable Security Primitive for Embedded Systems. In: Proceedings of International Symposium on In System-on-Chip, pp. 23–28 (2005)Google Scholar
  13. 13.
    Grand, J.: Practical Secure Hardware Design for Embedded Systems. In: Proceedings of the 2004 Embedded Systems Conference, San Francisco, California, April 1 (2004)Google Scholar
  14. 14.
    Hedin, D., Sabelfeld, A.: A Perspective on Information-Flow. In: summer school Control Tools for Analysis and Verification of Software Safety and Security, Marktoberdorf, Germany (2011)Google Scholar
  15. 15.
    Juengst, W.E., Heinrich, M.: Using Resource Balancing to Configure Modular Systems. IEEE Computer Society Intelligent Systems and their Applications 13(4), 50–58 (1998)CrossRefGoogle Scholar
  16. 16.
    Knezevic, M., Rozic, V., Verbauwhede, I.: Design Methods for Embedded Security. Telfor Journal 1(2) (2009)Google Scholar
  17. 17.
    Kocher, P., Lee, R., Mcgraw, G., Ravi, S.: Security as a new dimension in embedded system design. In: Proceedings of the 41st Design Automation Conference (DAC 2004), pp. 753–760 (2004)Google Scholar
  18. 18.
    Kommerling, O., Kuhn, M.G.: Design principles for tamper-resistant smartcard processors. In: Proceedings of the USENIX Workshop on Smartcard Technology, pp. 9–20 (1999)Google Scholar
  19. 19.
    Koopman, P.: Embedded System Security. IEEE Computer (7) (2004)Google Scholar
  20. 20.
    Kotenko, I., Polubelova, O.: Verification of Security Policy Filtering Rules by Model Checking. In: Proceedings of IEEE Fourth International Workshop on Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications(IDAACS 2011), pp. 706–710 (2011)Google Scholar
  21. 21.
    Object Management Group, The UML Profile for MARTE: Modeling and Analysis of Real-Time and Embedded Systems, Version 1.1 (2011)Google Scholar
  22. 22.
    Moyers, B.R., Dunning, J.P., Marchany, R.C., Tron, J.G.: Effects of Wi-Fi and Bluetooth Battery Exhaustion Attacks on Mobile Devices. In: Proceedings of the 43rd Hawaii International Conference on System Sciences (HICSS 2010), pp. 1–9. IEEE Computer Society (2010)Google Scholar
  23. 23.
    Pieters, W., Coles-Kemp, L.: Reducing normative conflicts in information security. In: Proceedings of the 2011 Workshop on New Security Paradigms Workshop, pp. 11–24 (2011)Google Scholar
  24. 24.
    Pistoia, M., Chandra, S., Fink, S., Yahav, E.: A Survey of Static Analysis Methods for Identifying Security Vulnerabilities In Software Systems. IBM Systems Journal (2007)Google Scholar
  25. 25.
    Rae, A.J., Wildman, L.P.: A Taxonomy of Attacks on Secure Devices. In: Australian Information Warfare and IT Security, Australia, November 20-21, pp. 251–264 (2003)Google Scholar
  26. 26.
    Rae, A., Fidge, C.: Identifying Critical Components during Information Security Evaluations. Journal of Research and Practice in Information Technology, 391–402 (2005)Google Scholar
  27. 27.
    Ravi, S., Raghunathan, A., Kocher, P., Hattangady, S.: Security in Embedded Systems: Design Challenges. ACM Transactions on Embedded Computing Systems 3(3), 461–491 (2004)CrossRefGoogle Scholar
  28. 28.
    Ruiz, J.F., Harjani, R., Maña, A., Desnitsky, V., Kotenko, I., Chechulin, A.: A Methodology for the Analysis and Modeling of Security Threats and Attacks for Systems of Embedded Components. In: Proceedings of the 20th Euromicro International Conference on Parallel, Distributed and Network-Based Computing (PDP 2012), Munich, Germany, February 15-17 (2012)Google Scholar
  29. 29.
    Ruiz, J.F., Rein, A., Arjona, M., Mana, A., Monsifrot, A., Morvan, M.: Security Engineering and Modelling of Set-Top Boxes. In: 2012 ASE/IEEE International Conference on Proceedings of BioMedical Computing (BioMedCom), pp. 113–122 (2012)Google Scholar
  30. 30.
    Sabin, D., Weigel, R.: Product configuration frameworks-a survey. Intelligent Systems and their Applications IEEE Computer Society 13(4), 42–49 (1998)CrossRefGoogle Scholar
  31. 31.
    SecFutur. Design of Secure and energy-efficient embedded systems for Future internet applications, FP7 Project Web site, http://www.secfutur.eu
  32. 32.
    Sprintson, A., El Rouayheb, S., Georghiades, C.: A New Construction Method for Networks from Matroids. In: Proceedings of the 2009 Symposium on Information Theory (ISIT 2009) (2009)Google Scholar
  33. 33.
    Wang, Z., Johnson, R., Murmuria, R., Stavrou, A.: Exposing Security Risks for Commercial Mobile Devices. In: Kotenko, I., Skormin, V. (eds.) MMM-ACNS 2012. LNCS, vol. 7531, pp. 3–21. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  34. 34.
    Wei, G., Qin, Y.: An Approach of Product Configuration Based on Decision Tree and Minimum Conflicts Repair Algorithm. In: Proceedings of the International Conference on Information Management, Innovation Management and Industrial Engineering (ICII 2009), vol. 1, pp. 126–129 (2009)Google Scholar
  35. 35.
    Yu, B., Skovgaard, H.J.: A Configuration Tool to Increase Product Competitiveness. IEEE Intelligent Systems 13(4), 34–41 (1998)CrossRefGoogle Scholar

Copyright information

© IFIP International Federation for Information Processing 2014

Authors and Affiliations

  • Vasily Desnitsky
    • 1
  • Igor Kotenko
    • 1
    • 2
  1. 1.Laboratory of Computer Security ProblemsSt. Petersburg Institute for Informatics and Automation (SPIIRAS)St. PetersburgRussia
  2. 2.Mechanics and OpticsSt. Petersburg National Research University of Information TechnologiesSaint-PetersburgRussia

Personalised recommendations