SAFE-OPS: An approach to embedded software security

The new-found ubiquity of embedded processors in consumer and industrial applications brings with it an intensified focus on security, as a strong level of trust in the system software is crucial to their widespread deployment. The growing area of software protection attempts to address the key steps used by hackers in attacking a software system. In this paper, we introduce a unique approach to embedded software protection that utilizes a hardware/software codesign methodology. Results demonstrate that this framework can be the successful basis for the development of embedded applications that meet a wide range of security and performance requirements.
