Article

Security as a new dimension in embedded system design

Authors:

Anand Raghunathan Moderator:

Srivaths RaviAuthors Info & Claims

DAC '04: Proceedings of the 41st annual Design Automation Conference

Pages 753 - 760

https://doi.org/10.1145/996566.996771

Published: 07 June 2004 Publication History

Abstract

The growing number of instances of breaches in information security in the last few years has created a compelling case for efforts towards secure electronic systems. Embedded systems, which will be ubiquitously used to capture, store, manipulate, and access data of a sensitive nature, pose several unique and interesting security challenges. Security has been the subject of intensive research in the areas of cryptography, computing, and networking. However, despite these efforts, security is often mis-construed by designers as the hardware or software implementation of specific cryptographic algorithms and security protocols. In reality, it is an entirely new metric that designers should consider throughout the design process, along with other metrics such as cost, performance, and power..This paper is intended to introduce embedded system designers and design tool developers to the challenges involved in designing secure embedded systems. We attempt to provide a unified and holistic view of embedded system security by first analyzing the typical functional security requirements for embedded systems from an end-user perspective. We then identify the implied challenges for embedded system architects, as well as hardware and software designers (e.g., tamper-resistant embedded system design, processing requirements for security, impact of security on battery life for battery-powered systems, etc.). We also survey solution techniques to address these challenges, drawing from both current practice and emerging research, and identify open research problems that will require innovations in embedded system architecture and design methodologies.

References

[1]

Counterpane Internet Security, Inc. http://www.counterpane.com.]]

[2]

ePaynews - Mobile Commerce Statistics. http://www.epaynews.com/statistics/mcommstats.html.]]

[3]

W. Stallings, Cryptography and Network Security: Principles and Practice. Prentice Hall, 1998.]]

Digital Library

[4]

B. Schneier, Applied Cryptography: Protocols, Algorithms and Source Code in C. John Wiley and Sons, 1996.]]

Digital Library

[5]

IPSec Working Group. http://www.ietf.org/html.charters/ipsec-charter.html.]]

[6]

SSL 3.0 Specification. http://wp.netscape.com/eng/ssl3/.]]

[7]

Biometrics and Network Security. Prentice Hall PTR, 2003.]]

Digital Library

[8]

OpenIPMP. http://www.openipmp.org.]]

[9]

Internet Streaming Media Alliance. http:/www.isma.tv/home.]]

[10]

MPEG Open Security for Embedded Systems (MOSES). http://www.crl.co.uk/projects/moses/.MPEG Open Security for Embedded Systems (MOSES). http://www.crl.co.uk/projects/moses/.]]

[11]

Discretix Technologies Ltd. (http://www.discretix.com).]]

[12]

D. Lie, C. A. Thekkath, M. Mitchell, P. Lincoln, D. Boneh, J. C. Mitchell, and M. Horowitz, "Architectural support for copy and tamper resistant software," in Proc. ACM Architectural Support for Programming Languages and Operating Systems (ASPLOS), pp. 168--177, 2000.]]

Digital Library

[13]

G. E. Suh, D. Clarke, B. Gassend, M. van Dijk, and S. Devadas, "AEGIS: Architecture for Tamper-Evident and Tamper-Resistant Processing," in Proc. Intl Conf. Supercomputing (ICS '03), pp. 160--171, June 2003.]]

Digital Library

[14]

R. M. Best, Crypto Microprocessor for Executing Enciphered Programs. U.S. patent 4,278,837, July 1981.]]

[15]

M. Kuhn, The TrustNo 1 Cryptoprocessor Concept. CS555 Report, Purdue University (http://www.cl.cam.ac.uk/mgk25/), Apr. 1997.]]

[16]

G. Hoglund and G. McGraw, Exploiting Software: How to Break Code (http://www.exploitingsoftware.com). Addison-Wesley, 2004.]]

Digital Library

[17]

J. Viega and G. McGraw, Building Secure Software (http://www.buildingsecuresoftware.com). Addison-Wesley, 2001.]]

[18]

G. McGraw, "Software Security," IEEE Security & Privacy, vol. 2, pp. 80--83, March-April 2004.]]

Digital Library

[19]

R. Anderson and M. Kuhn, "Tamper resistance - a cautionary note," 1996.]]

[20]

R. Anderson and M. Kuhn, "Low cost attacks on tamper resistant devices," in IWSP: Intl. Wkshp. on Security Protocols, Lecture Notes on Computer Science, pp. 125--136, 1997.]]

Digital Library

[21]

O. Kommerling and M. G. Kuhn, "Design principles for tamper-resistant smartcard processors," in Proc. USENIX Wkshp. on Smartcard Technology (Smartcard '99), pp. 9--20, May 1999.]]

Digital Library

[22]

Smart Card Handbook. John Wiley and Sons.]]

Digital Library

[23]

E. Hess, N. Janssen, B. Meyer, and T. Schutze, "Information Leakage Attacks Against Smart Card Implementations of Cryptographic Algorithms and Countermeasures," in Proc. EUROSMART Security Conference, pp. 55--64, June 2000.]]

[24]

J. J. Quisquater and D. Samyde, "Side channel cryptanalysis," in Proc. of the SECI, pp. 179--184, 2002.]]

[25]

J. Kelsey, B. Schneier, D. Wagner, and C. Hall, "Side Channel Cryptanalysis of Product Ciphers," in Proc. ESORICS'98, pp. 97-110, Sept. 1998.]]

Digital Library

[26]

S. Ravi, A. Raghunathan, and S. Chakradhar, "Tamper Resistance Mechanisms for Secure Embedded Systems," in Proc. Int. Conf. VLSI Design, Jan. 2004.]]

Digital Library

[27]

P. C. Kocher, "Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems," Advances in Cryptology - CRYPTO'96, Springer-Verlag Lecture Notes in Computer Science, vol. 1109, pp. 104-113, 1996.]]

Digital Library

[28]

T. S. Messerges, E. A. Dabbish, and R. H. Sloan, "Examining Smart-Card Security under the Threat of Power Analysis Attacks," IEEE Trans. Comput., vol. 51, pp. 541--552, May 2002.]]

Digital Library

[29]

P. Kocher, J. Jaffe, and B. Jun, "Differential Power Analysis," Advances in Cryptology - CRYPTO'99, Springer-Verlag Lecture Notes in Computer Science, vol. 1666, pp. 388--397, 1999.]]

Digital Library

[30]

U.S. Patents Nos. 6,278,783; 6,289,455; 6,298,442; 6,304,658; 6,327,661; 6,381,699; 6,510,518; 6,539,092; 6,640,305; and 6,654,884. http://www.cryptography.com/technology/dpa/licensing.html.]]

[31]

D. Boneh, R. DeMillo, and R. Lipton, "On the importance of eliminating errors in cryptographic computations," Cryptology, vol. 14, no. 2, pp. 101--119, 2001.]]

Digital Library

[32]

W. van Eck, "Electromagnetic radiation from video display units: an eavesdropping risk?," Computers and Security, vol. 4, no. 4, pp. 269--286, 1985.]]

Digital Library

[33]

M. G. Kuhn and R. Anderson, "Soft Tempest: Hidden Data Transmission Using Electromagnetic Emanations," in Proc. Int. Wkshp. on Information Hiding (IH '98), pp. 124--142, Apr. 1998.]]

[34]

J. J. Quisquater and D. Samyde, "ElectroMagnetic Analysis (EMA): Measures and Counter-Measures for Smart Cards," Lecture Notes in Computer Science (Smartcard Programming and Security), vol. 2140, pp. 200--210, 2001.]]

Digital Library

[35]

K. Gandolfi, C. Mourtel, and F. Olivier, "Electromagnetic analysis: Concrete results," Cryptographic Hardware and Embedded Systems, pp. 251--261, 2001.]]

Digital Library

[36]

S. Ravi, A. Raghunathan, and N. Potlapally, "Securing wireless data: System architecture challenges," in Proc. Intl. Symp. System Synthesis, pp. 195--200, October 2002.]]

Digital Library

[37]

D. Boneh and N. Daswani, "Experimenting with electronic commerce on the PalmPilot," in Proc. Financial Cryptography, pp. 1--16, Feb. 1999.]]

Digital Library

[38]

R. Karri and P. Mishra, "Minimizing Energy Consumption of Secure Wireless Session with QOS constraints," in Proc. Int. Conf. Communications, pp. 2053--2057, 2002.]]

[39]

N. Potlapally, S. Ravi, A. Raghunathan, and N. K. Jha, "Analyzing the energy consumption of security protocols," in Proc. Int. Symp. Low Power Electronics & Design, pp. 30--35, Aug. 2003.]]

Digital Library

[40]

Xtensa application specific microprocessor solutions - Overview handbook. Tensilica Inc. (http://www.tensilica.com), 2001.]]

[41]

S. Ravi, A. Raghunathan, N. Potlapally, and M. Sankaradass, "System design methodologies for a wireless security processing platform," in Proc. ACM/IEEE Design Automation Conf., pp. 777--782, June 2002.]]

Digital Library

[42]

J. Burke, J. McDonald, and T. Austin, "Architectural support for fast symmetric-key cryptography," in Proc. Intl. Conf. ASPLOS, pp. 178--189, Nov. 2000.]]

Digital Library

[43]

L. Wu, C. Weaver, and T. Austin, "Cryptomaniac: A Fast Flexible Architecture for Secure Communication," in Proc. Int. Symp. Computer Architecture, pp. 110--119, June 2001.]]

Digital Library

[44]

R. B. Lee, Z. Shi, and X. Yang, "Efficient permutations for fast software cryptography," IEEE Micro, vol. 21, pp. 56--69, Dec. 2001.]]

Digital Library

[45]

Z. Shi, X. Yang, and R. B. Lee, "Arbitrary bit permutations in one or two cycles," in Proc. Int. Conf on Application-Specific Systems, Architectures and Processors, pp. 237--247, June 2003.]]

[46]

C. E. Shannon, "Communication theory of secrecy systems," Bell System Tech. Journal, vol. 28, pp. 656--715, October 1949.]]

[47]

Z. Shi and R. Lee, "Bit Permutation Instructions for Accelerating Software Cryptography," in Proc. IEEE Intl. Conf. Application-specific Systems, Architectures and Processors, pp. 138--148, 2000.]]

Digital Library

[48]

X. Yang and R. B. Lee, "Fast subword permutation instructions using omega and flip network stages," in Proc. Int. Conf. Computer Design, pp. 15--22, Sept. 2000.]]

Digital Library

[49]

J. P. McGregor and R. B. Lee, "Architectural enhancements for fast subword permutations with repetitions in cryptographic applications," in Proc. Int. Conf. Computer Design, pp. 453--461, Sept. 2001.]]

Digital Library

[50]

R. B. Lee, Z. Shi, and X. Yang, "How a processor can permute n bits in O(1) cycles," in Proc. Hot Chips 14 - A Symposium on High Performance Chips, Aug. 2002.]]

[51]

Z. Shi, Bit Permutation Instructions: Architecture, Implementation and Cryptographic Properties. PhD thesis, Princeton University, 2004.]]

Digital Library

[52]

K. Araki, T. Satoh, and S. Miura, "Overview of Elliptic Curve Cryptography," Springer-Verlag Lecture Notes in Computer Science, vol. 1431, pp. 29--48, 1998.]]

Digital Library

[53]

E. Savas, A. F. Tenca, and C. K. Koc, "A Scalable and Unified Multiplier Architecture for Finite Fields GF(p) and GF(2n)," Springer-Verlag Lecture Notes in Computer Science, vol. 1965, pp. 277--292, 2000.]]

Digital Library

[54]

A. M. Fiskiran and R. B. Lee, PAX: A Datapath-Scalable Minimalist Cryptographic Processor for Mobile Environments (in Embedded Cryptographic Hardware: Design and Security). Nova Science Publishers (to be published), 2004.]]

[55]

R. B. Lee, R. L. Rivest, M. J. B. Robshaw, Z. J. Shi, and Y. L. Yin, "Permutation operations in cipher design," in Proc. Intl. Conf. on Information Technology (ITCC)s, Apr. 2004.]]

Digital Library

[56]

HIFN Inc. http://www.hifn.com.]]

[57]

Corrent Inc. http://www.corrent.com.]]

[58]

Broadcom Corporation, BCM5840 Gigabit Security Processor. http://www.broadcom.com.]]

[59]

Next-Generation Secure Computing Base (NGSCB). Microsoft Inc. (http://www.microsoft.com/resources/ngscb/productinfo.mspx).]]

[60]

P. N. Glaskowsky, Microsoft Details Secure PC Plans. Microprocessor Report, In-stat/MDR, June 2003.]]

[61]

Trusted Computing Group. (https://www.trustedcomputinggroup.org/home).]]

[62]

LaGrande Technology for Safer Computing. Intel Inc. (http://www.intel.com/technology/security).]]

[63]

R. York, A New Foundation for CPU Systems Security. ARM Limited (http://www.arm.com/armtech/TrustZone?OpenDocument), 2003.]]

[64]

SmartMIPS. http://www.mips.com.]]

[65]

J. P. McGregor, D. K. Karig, Z. Shi, and R. B. Lee, "A Processor Architecture Defense against Buffer Overflow Attacks," in Proc. Int. Conf. on Information Technology: Research and Education (ITRE), pp. 243--250, Aug. 2003.]]

[66]

Security Requirements for Cryptographic Modules (FIPS PUB 140-2). http://csrc.nist.gov/publications/fips/fips140-2/fips1402.pdf.]]

[67]

Common Criteria for Information Technology Security. http://csrc.nist.gov/cc.]]

[68]

E. M. Clarke, S. Jha, and W. Marrero, "Using state space exploration and a natural deduction style message derivation engine to verify security protocols," in Proc. IFIP Working Conf. on Programming Concepts and Methods, 1998.]]

Digital Library

[69]

G. Lowe, "Towards a completeness result for model checking of security protocols," in Proc. 11th Computer Security Foundations Wkshp., 1998.]]

Digital Library

[70]

N. Potlapally, S. Ravi, A. Raghunathan, and G. Lakshminarayana, "Algorithm exploration for efficient public-key security processing on wireless handsets," in Proc. Design, Automation, and Test in Europe (DATE) Designers Forum, pp. 42--46, Mar. 2002.]]

[71]

L. Benini, A. Macii, E. Macii, E. Omerbegovic, F. Pro, and M. Poncino, "Energy-aware design techniques for differential power analysis protection," in Proc. Design Automation Conf., pp. 36--41, June 2003.]]

Digital Library

[72]

H. Saputra, N. Vijaykrishnan, M. Kandemir, M. J. Irwin, R. Brooks, S. Kim, and W. Zhang, "Masking the Energy Behavior of DES Encryption," pp. 84--89, Mar. 2003.]]

Cited By

Zhu JZhu XBorowski MZhang HPal CSaha SGu DMcDonald-Maier KZhai X(2024)NIRVANA: Non-Invasive Real-Time VulnerAbility ANAlysis for RISC-V Processor2024 IEEE International Conference on Omni-layer Intelligent Systems (COINS)10.1109/COINS61597.2024.10622226(1-6)Online publication date: 29-Jul-2024
https://doi.org/10.1109/COINS61597.2024.10622226
Cherckesova LRevyakina EBuryakova OGazizov A(2024)Creation of an encryption algorithm resistant to attacks through side channels of leakageE3S Web of Conferences10.1051/e3sconf/202458306011583(06011)Online publication date: 25-Oct-2024
https://doi.org/10.1051/e3sconf/202458306011
Antwi-Boasiako EZhou SLiao YKuada EDanso E(2024)Enhanced privacy-preserving distributed deep learning with application to fog-based IoTInternet of Things10.1016/j.iot.2024.10118326(101183)Online publication date: Jul-2024
https://doi.org/10.1016/j.iot.2024.101183
Show More Cited By

Index Terms

Security as a new dimension in embedded system design

Recommendations

Security challenges in embedded systems
Special section on ESTIMedia'12, LCTES'11, rigorous embedded systems design, and multiprocessor system-on-chip for cyber-physical systems

Embedded systems security is a significant requirement in emerging environments, considering the increasing deployment of embedded systems in several application domains. The large number of deployed embedded systems, their limited resources and their ...
Security in embedded systems: Design challenges

Many modern electronic systems---including personal computers, PDAs, cell phones, network routers, smart cards, and networked sensors to name a few---need to access, store, manipulate, or communicate sensitive information, making security a serious ...
Cyberentity Security in the Internet of Things

A proposed Internet of Things system architecture offers a solution to the broad array of challenges researchers face in terms of general system security, network security, and application security.

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

DAC '04: Proceedings of the 41st annual Design Automation Conference

June 2004

1002 pages

ISBN:1581138288

DOI:10.1145/996566

General Chair:
Sharad Malik
Princeton University, Princeton, NJ
,
Program Chairs:
Limor Fix
Intel Semiconductors Ltd., Haifa, Israel
,
Andrew B. Kahng
University of California at San Diego, La Jolla, CA

Copyright © 2004 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 07 June 2004

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Article

Conference

DAC04

Sponsor:

DAC04: The 41st Annual Design Automation Conference 2004

June 7 - 11, 2004

CA, San Diego, USA

Acceptance Rates

Overall Acceptance Rate 1,770 of 5,499 submissions, 32%

Upcoming Conference

DAC '25

Sponsor:
sigda

62nd ACM/IEEE Design Automation Conference

June 22 - 26, 2025

San Francisco , CA , USA

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

209
Total Citations
View Citations
7,765
Total Downloads

Downloads (Last 12 months)113
Downloads (Last 6 weeks)12

Reflects downloads up to 23 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Zhu JZhu XBorowski MZhang HPal CSaha SGu DMcDonald-Maier KZhai X(2024)NIRVANA: Non-Invasive Real-Time VulnerAbility ANAlysis for RISC-V Processor2024 IEEE International Conference on Omni-layer Intelligent Systems (COINS)10.1109/COINS61597.2024.10622226(1-6)Online publication date: 29-Jul-2024
https://doi.org/10.1109/COINS61597.2024.10622226
Cherckesova LRevyakina EBuryakova OGazizov A(2024)Creation of an encryption algorithm resistant to attacks through side channels of leakageE3S Web of Conferences10.1051/e3sconf/202458306011583(06011)Online publication date: 25-Oct-2024
https://doi.org/10.1051/e3sconf/202458306011
Antwi-Boasiako EZhou SLiao YKuada EDanso E(2024)Enhanced privacy-preserving distributed deep learning with application to fog-based IoTInternet of Things10.1016/j.iot.2024.10118326(101183)Online publication date: Jul-2024
https://doi.org/10.1016/j.iot.2024.101183
Naidoo PSibanda M(2024)Embedded Supercomputing for Edge Devices: A Comprehensive ReviewFrom Internet of Things to Internet of Intelligence10.1007/978-3-031-55718-7_9(157-173)Online publication date: 23-Apr-2024
https://doi.org/10.1007/978-3-031-55718-7_9
Pearce HKarri RTan B(2023)High-Level Approaches to Hardware Security: A TutorialACM Transactions on Embedded Computing Systems10.1145/357720022:3(1-40)Online publication date: 20-Apr-2023
https://dl.acm.org/doi/10.1145/3577200
Maroun ESchoeberl MPuschner P(2023)Compiler-Directed Constant Execution Time on Flat Memory Systems2023 IEEE 26th International Symposium on Real-Time Distributed Computing (ISORC)10.1109/ISORC58943.2023.00019(64-75)Online publication date: May-2023
https://doi.org/10.1109/ISORC58943.2023.00019
Gupta NJati AChattopadhyay A(2023)CRYSTALS-Dilithium on RISC-V Processor: Lightweight Secure Boot Using Post-Quantum Digital Signature2023 IEEE/ACM International Conference on Computer Aided Design (ICCAD)10.1109/ICCAD57390.2023.10323688(1-7)Online publication date: 28-Oct-2023
https://doi.org/10.1109/ICCAD57390.2023.10323688
Rookard CKhojandi A(2023)Applying Deep Reinforcement Learning for Detection of Internet-of- Things Cyber Attacks2023 IEEE 13th Annual Computing and Communication Workshop and Conference (CCWC)10.1109/CCWC57344.2023.10099349(0389-0395)Online publication date: 8-Mar-2023
https://doi.org/10.1109/CCWC57344.2023.10099349
Lutskyi MGnatyuk SVerkhovets OPolozhentsev A(2023)Information Flows Formalization for BSD Family Operating Systems Security Against Unauthorized InvestigationInformation Technology for Education, Science, and Technics10.1007/978-3-031-35467-0_16(235-246)Online publication date: 18-Jun-2023
https://doi.org/10.1007/978-3-031-35467-0_16
Won JWen HLin Z(2022)What You See is Not What You Get: Revealing Hidden Memory Mapping for Peripheral ModelingProceedings of the 25th International Symposium on Research in Attacks, Intrusions and Defenses10.1145/3545948.3545957(200-213)Online publication date: 26-Oct-2022
https://dl.acm.org/doi/10.1145/3545948.3545957
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents