Security Observance throughout the Life-Cycle of Embedded Systems

Embedded systems are an established part of life. Their security requirements underline the importance of properly formulated, implemented, and enforced security policies throughout their life-cycle. Currently, security is just an afterthought, and most solutions are meant to thwart particular attacks. However, the increasing number of security breaches, the ensuing economic losses, and the potential dangers all emphasize the importance of fundamental security solutions. This paper first surveys the current situation and then proposes a holistic approach in which security is considered from the beginning of the design of embedded systems and throughout their entire life-cycle. In our approach, the entire system life-cycle is analyzed and appropriate countermeasures are incorporated in the design. Obviously, prevention is not the complete solution. A 4-level defense strategy ensures not only that a system has been properly designed in terms of security, but also that the liabilities of its designers are adequately covered.
