
Non-intrusive runtime monitoring through power consumption to enforce safety and security properties in embedded systems

Published: 01 August 2018

Abstract

The increasing complexity and connectivity of modern embedded systems highlight the importance of runtime monitoring to ensure correctness and security. This poses a significant challenge, since monitoring tools can break extra-functional requirements such as timing constraints. Non-intrusive program tracing techniques based on side-channel analysis have recently appeared in the literature and constitute a promising approach. Existing techniques, however, exhibit important limitations. In this paper, we present a novel technique for non-intrusive program tracing from power consumption, based on a signals and system analysis approach: we view the power consumption signal as the output of a system with the power consumption of training samples as input. Using spectral analysis, we compute the impulse response to identify the system; the intuition is that for the correct training sample, the system will appear close to a system that outputs a shifted copy of the input signal, for which the impulse response is an impulse at the position corresponding to the shift. We also use the Control Flow Graph from the source code to constrain the classifier to valid sequences only, leading to substantial performance improvements over previous works. Experimental results confirm the effectiveness of our technique and show its applicability to runtime monitoring. The experiments include tracing programs that execute randomly generated sequences of functions as well as tracing a real application developed with SCADE. The experimental evaluation also includes a case study as evidence of the usability of our technique to detect anomalous execution through runtime monitoring.
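The intuition in the abstract can be seen on toy data. The following is an added illustration, not the paper's implementation: it assumes regularized frequency-domain division as the spectral method, and the function names `f_a`/`f_b`/`f_c`, the successor table `CFG` and all traces are constructed for the example.

```python
import cmath, random

def dft(x, inverse=False):
    # Naive O(n^2) discrete Fourier transform; enough for short toy traces.
    n, s = len(x), (1 if inverse else -1)
    out = [sum(x[t] * cmath.exp(s * 2j * cmath.pi * k * t / n) for t in range(n))
           for k in range(n)]
    return [v / n for v in out] if inverse else out

def impulse_response(template, observed, eps=1.0):
    # Identify h such that observed = template (*) h, via regularized
    # spectral division: H = Y * conj(X) / (|X|^2 + eps).
    X, Y = dft(template), dft(observed)
    H = [y * x.conjugate() / (abs(x) ** 2 + eps) for x, y in zip(X, Y)]
    return [v.real for v in dft(H, inverse=True)]

def impulse_score(h):
    # Share of the response energy in its largest tap (1.0 = pure impulse),
    # together with the position of that tap (the estimated shift).
    peak = max(range(len(h)), key=lambda i: abs(h[i]))
    return h[peak] ** 2 / sum(v * v for v in h), peak

def classify(observed, templates, allowed):
    # Score only the candidates that the control flow graph permits.
    scored = {name: impulse_score(impulse_response(templates[name], observed))
              for name in allowed}
    best = max(scored, key=lambda name: scored[name][0])
    return best, scored[best][1], scored

# Constructed data: random "power traces" for three hypothetical functions.
rng = random.Random(1)
N = 64
TEMPLATES = {f: [rng.gauss(0, 1) for _ in range(N)] for f in ("f_a", "f_b", "f_c")}
CFG = {"f_a": ["f_b", "f_c"], "f_b": ["f_a"], "f_c": ["f_a"]}  # hypothetical successors

def observe(name, shift, noise=0.05):
    # Circularly shifted copy of a training trace plus measurement noise.
    t = TEMPLATES[name]
    return [t[(i - shift) % N] + rng.gauss(0, noise) for i in range(N)]

def trace_next(prev, observed):
    # One tracing step: which successor of `prev` produced `observed`?
    return classify(observed, TEMPLATES, CFG[prev])

if __name__ == "__main__":
    name, shift, scored = trace_next("f_a", observe("f_b", shift=5))
    print(name, shift, {k: round(v[0], 3) for k, v in scored.items()})
```

A score near 1 means the identified system is close to a pure delay of the training trace. A low best score among the CFG-permitted candidates is the kind of signal a monitor could treat as anomalous execution.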


Cited By

  • (2019) Data-driven Anomaly Detection with Timing Features for Embedded Systems. ACM Transactions on Design Automation of Electronic Systems 24:3 (1-27). DOI: 10.1145/3279949. Online publication date: 2-Apr-2019
  • (2018) Introduction to the special issue on runtime verification. Formal Methods in System Design 53:1 (1-5). DOI: 10.1007/s10703-018-0320-4. Online publication date: 1-Aug-2018

Published In

Formal Methods in System Design, Volume 53, Issue 1
August 2018
163 pages

Publisher

Kluwer Academic Publishers

United States

Author Tags

  1. Embedded software security
  2. Power-based program tracing
  3. Program tracing
  4. Runtime monitoring
  5. Side-channel analysis
  6. Signal processing
  7. Signals and systems analysis

Qualifiers

  • Article
