
Embedded System Security: A Configurable Approach

Embedded System Security: A Configurable Approach. Wayne Burleson (VLSI), Tilman Wolf (Network Processors), Russ Tessier (Configurable Computing), Weibo Gong (Intrusion Detection), Guy Gogniat (Configurable Security), on leave from Université de Bretagne Sud, FRANCE


Presentation Transcript


  1. Embedded System Security: A Configurable Approach. Wayne Burleson (VLSI), Tilman Wolf (Network Processors), Russ Tessier (Configurable Computing), Weibo Gong (Intrusion Detection), Guy Gogniat (Configurable Security), on leave from Université de Bretagne Sud, FRANCE. University of Massachusetts Amherst. burleson@ecs.umass.edu

  2. Attacks on Embedded Systems
     • Remote software attacks: worm, virus, Trojan horse
     • Proximity-based passive hardware attacks: power or EM analysis
     • Reversible active proximity-based attacks: fault injection
     • Irreversible hardware attacks: tampering
     [Figure labels: turbo code, AES, KEY, RAM, µP, RAM, RSA]

  3. Embedded System design objectives
     [Figure labels: Latency, Efficiency, Performance, Area, Symptom free issues, Security aware, Security issues, High Security, High Performance, Throughput, Power, System, Agile, Activity aware, Robust, Cost, Energy]
     • What is the cost of security?

  4. Recent related work
     • System level security
     • Formal models of attacks
     • Architectural support for security
     • Implementation of security primitives
     • Architectural monitors
     • Secure network-on-a-chip

  5. Configurable Computing Security Space
     • Configurable Security Module: use a configurable computing module to protect a system; the module is seen as an agile, dedicated hardware unit.
     • Secure Configurable System: the whole system is configurable. The security is provided by the agility of the whole system.
     • Configurable Design Security: protect the configurable computing configuration.
     [Figure labels: Attacks, Technology]

  6. Advantages of configurable computing against attacks
     Table columns: Attack type; Counter-measure; Configurable computing advantages
     • Active - Irreversible: Robustness, Activity-awareness, Technology/Sensors, System agility
     • Active - Reversible: Security-awareness, Activity-awareness, Sensors, System agility, System upload, High performance
     • Passive - Side channel: Agility, Symptom-free, Security-awareness, Activity-awareness, System agility, System upload, High performance

  7. Embedded System with Continuous Monitoring and Verification
     [Figure labels: System; Application; Compiler; Profiling; Characteristics of normal behavior; offline; online; System on chip hardware; Hardware defense mechanisms; Continuous monitoring and verification; security subsystem; General purpose processing subsystem; System I/O]

  8. On-Chip Surveillance with Configurable Monitors
     CM = Configurable Monitor; OCIN = On-Chip Intelligence Network
     [Figure: System on Chip with blocks Secure gateway, I/O, Power Management, RISC core, Analog, FPGA, Video encoder and SRAM, CM markers, and the On-Chip Intelligence Network]

  9. A reconfigurable architecture adapted for security
     [Figure labels: PLL1; PLL2; External clock; D/Q flip-flop; Random bit (5 Mbits/s); frequencies 1 GHz, 50 MHz, 5 MHz; Config disable controller; Decryption & Authentication; TRNG; External config memory; Secret Key memory; Private Key memory (cryptoIP); Program memory; External Data/program memory; Red Zone; Green Zone; I/O; IP Function; IP Function 1; CPU; Dnode; Switch; Reconfigurable zone]

  10. AES Platform
     [Figure labels: AES core; Data_in (128 bits); Input FSM; Data_out (128 bits); Output FSM; Key (128 bits); OPB (32 bits); Battery level; Fault; Reset; Done; Start; System_state; Communication Channel Quality; AlP_Register; ArP_Register; Req; Attacks; Data; WE; SSC FSM; SPC FSM; ICAP; AES security primitive; Bit-streams memory; PowerPC 405 core; int; PLB (32 bits); PLB/OPB bridge]

  11. Security-Aware Networked Embedded Systems
     [Figure labels: Security Executive Processor; Reconfigurable Hardware; Security I/O (×4); SSC (×4); Configuration Memory (×2); Security Primitive (×2); SPC (×2); Data I/O (×4); I/O Module; Processor core; Program/Data Memory]

  12. Security primitive Initialization
     [Figure labels: Security Executive Processor; Reconfigurable Hardware; Security I/O (×4); SSC (×4); Configuration Memory (×2); SPC; Data I/O (×4); I/O Module; Processor core; Program/Data Memory]

  13. Security primitive Evolution
     [Figure labels: Security Executive Processor; Reconfigurable Hardware; Security I/O (×4); SSC (×4); Configuration Memory (×2); Security Primitive; SPC; Data I/O (×4); I/O Module; Processor core; Program/Data Memory]

  14. AES implementations
     Four implementations are considered for the AES algorithm:
     • Non feedback mode without security (N_FB): pipeline
     • Feedback mode without security (FB): iterative
     • Feedback mode with fault detection (FB_FD): parity-based error detection
     • Feedback mode with fault tolerance (FB_FT): triple module redundancy technique
     [Figure labels: Performance, Security]

  15. AES implementations results

  16. Energy efficiency of AES implementations
     [Chart: energy efficiency in gigabits per joule, logarithmic axis from 10^2 down to 10^-6. Groups: ASIC, FPGA, Processor. Entries: 0.18 micron CMOS; Virtex-II Pro FPGA Non Feedback; Virtex-II Pro FPGA Feedback; Virtex-II Pro FPGA Feedback Fault detection; Virtex-II Pro FPGA Feedback Fault tolerance; Hand-optimized Assembly code on Pentium II; C on Sparc; Java K virtual machine on Sparc]

  17. Conclusions and Ongoing Work
     We have shown:
     • A Configurable Approach
     • An approach to on-chip attack detection
     • An architecture for on-chip monitoring
     • SANES
     • AES implementations in FPGA
     Ongoing work:
     • Compilation thrust
     • Architecture thrust
     • Quantify the feasibility of on-chip attack detection
     • Monitor design including silicon prototyping

  18. References
     • Bossuet, L., Gogniat, G., Burleson, W., "Dynamically Configurable Security for SRAM FPGA Bitstreams", Reconfigurable Architectures Workshop, 2004.
     • Gogniat, G., Burleson, W., and Bossuet, L., "Configurable computing for high-security/high-performance ambient systems", to appear in the proceedings of the Embedded Computer Systems: Architectures, MOdeling, and Simulation Conference, Samos, Greece, July 18-20, 2005.
     • Gogniat, G., Wolf, T., and Burleson, W., "Configurable Security Architecture for Networked Embedded Systems", Technical Report, ECE Department, University of Massachusetts - Amherst, December 2004.
     • Wu, K., Karri, R., Kuznetsov, G., and Goessel, M., "Low Cost Concurrent Error Detection for the Advanced Encryption Standard", ITC 2004.
     • Carmichael, C., "Triple Module Redundancy Design Techniques for Virtex FPGAs", Xilinx Application Note (XAPP197), November 2001.
     • Schaumont, P. and Verbauwhede, I., "Domain-Specific Codesign for Embedded Security", IEEE Computer, April 2003.
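
The fault-detection (FB_FD) and fault-tolerance (FB_FT) variants on slide 14 differ in what they do with a fault: parity notices it, triple redundancy outvotes it. The C sketch below is an added illustration, not code from the presentation or the authors' FPGA designs; it models a 16-byte block held in a register, and the function names, the sample block and the fault position (byte 5) are assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define STATE_BYTES 16 /* one 128-bit AES block held in a register */

/* Constructed sample block; any 16 bytes would do. */
static const uint8_t SAMPLE[STATE_BYTES] = {
    0x00,0x11,0x22,0x33,0x44,0x55,0x66,0x77,
    0x88,0x99,0xaa,0xbb,0xcc,0xdd,0xee,0xff };

/* Detection: one parity bit per byte, packed into a 16-bit word. */
uint16_t parity_word(const uint8_t s[STATE_BYTES]) {
    uint16_t p = 0;
    for (int i = 0; i < STATE_BYTES; i++) {
        uint8_t b = s[i];
        b ^= b >> 4; b ^= b >> 2; b ^= b >> 1;   /* bit 0 = XOR of all bits */
        p |= (uint16_t)((b & 1u) << i);
    }
    return p;
}

/* Tolerance: bitwise 2-of-3 majority vote over three replicas. */
void tmr_vote(uint8_t r[3][STATE_BYTES], uint8_t out[STATE_BYTES]) {
    for (int i = 0; i < STATE_BYTES; i++)
        out[i] = (uint8_t)((r[0][i] & r[1][i]) | (r[0][i] & r[2][i]) | (r[1][i] & r[2][i]));
}

/* Flip `mask` in byte 5 after parity was stored; 1 if the check notices. */
int parity_detects(uint8_t mask) {
    uint8_t s[STATE_BYTES];
    memcpy(s, SAMPLE, STATE_BYTES);
    uint16_t stored = parity_word(s);
    s[5] ^= mask;                                /* modeled fault */
    return parity_word(s) != stored;
}

/* Fault byte 5 of replicas 1 and 2; 1 if the voted block is still correct. */
int tmr_recovers(uint8_t mask1, uint8_t mask2) {
    uint8_t r[3][STATE_BYTES], out[STATE_BYTES];
    for (int k = 0; k < 3; k++) memcpy(r[k], SAMPLE, STATE_BYTES);
    r[1][5] ^= mask1; r[2][5] ^= mask2;          /* modeled faults */
    tmr_vote(r, out);
    return memcmp(out, SAMPLE, STATE_BYTES) == 0;
}

int main(void) {
    printf("parity: 1-bit=%d 2-bit=%d | TMR: one=%d two-same=%d\n", parity_detects(0x01),
           parity_detects(0x03), tmr_recovers(0x80, 0x00), tmr_recovers(0x80, 0x80));
    return 0;
}
```

Per-byte parity misses a fault that flips an even number of bits in one byte, and the voter is defeated when two replicas take the same fault; different faults in two replicas are still masked because the vote is bitwise.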
