Peng Ning,Stephen E. Mclaughlin,Michael C. Grace,Ahmed M. Azab,Rohan Bhutkar,Wenbo Shen,Xun Chen,Yong Choi,Ken Chen

2019-01-01

Abstract:An apparatus and method of a hardware isolated secure element protecting a plurality of mission critical subsystems are provided. The method includes performing an actuation operation received across an unsecure path that modifies the state of a mission critical subsystem, performing a diagnostic operation received across the unsecure path that requests state information of the mission critical subsystem, storing information used to determine which of the diagnostic operation and the actuation operation received across the unsecure path are performed, and flashing an execution image of an electronic control unit when the execution image of the electronic control unit is received across the unsecure path.

YANG Xu,GONG Guofang,YANG Huayong,CHEN Kui,WANG Lintao

DOI: https://doi.org/10.3785/j.issn.1006-754X.2013.06.015

2013-01-01

Abstract:Concerning on the problems of low accuracy ,low efficiency and poor reliability of seg-ment assembly equipment of shield machine ,a monitor and control system for segment assembly test bed of shield machine is designed under the target of efficient assembly of segments .On the base of full analysis on the working principle and monitoring requirements of the segment assem-bly test bed of shield machine ,an industry computer based data acquisition and control system taking PCI based data boards as I/O interfaces was designed .Then a soft starter based electric control circuit system for the power motor and a direct starting circuit system for the air-cooled e-quipment were designed individually .A LabVIEW based monitor and control system software de-signed for high-speed data acquisition and real-time control was presented ,and finally a monitor and control system for the segment assembly test bed of shield machine was built according to previous design .The result of field operation shows ,with high speed and reliable computation of hardware ,the monitor and control system equipped with effectively designed software plays an important role in both the operations of the segment assembly test bed of shield machine and the research on efficient assembly of segments .

MAO Weifeng,PING Lingdi,JIANG Li,CHEN Xiaoping

DOI: https://doi.org/10.3969/j.issn.1000-3428.2006.12.068

2006-01-01

Abstract:SECOS is a secure operating system with independent intellectual property right,which accords with the requirements of level 4 secure operation system technology.This paper illustrates some key issues of the system,including design method for enchancement of security,improved model from the Bell-La Padula MAC(mandatory access control) implementation,the realization of the model,formal method during the system development,conversiion channel analysis and its prevention,and secure deletion.The performance evaluation shows the design and implementation of SECOS is effective.

Peng Ning,Stephen E. McLaughlin,Michael C. Grace,Ahmed M. Azab,Rohan Bhutkar,Wenbo Shen,Xun Chen,Yong Choi,Ken Chen

2019-01-01

Abstract:An apparatus and method of an attachment device for interfacing with an on-board diagnostic system of a vehicle is provided. The device includes an application processor configured to receive input from a terminal, control processing of the input by the on-board diagnostic system, transmit a result of the processing of the input by the on-board diagnostic system to the terminal, and a secure element interposed in the communication path between the application processor and the on-board diagnostic system, the secure element configured to filter the input of an on-board diagnostic operation that is untrusted.

Xiang Gao,Yiqiang Zhao,Haocheng Ma

DOI: https://doi.org/10.3390/s18093034

IF: 3.9

2018-01-01

Sensors

Abstract:Information system security has been in the spotlight of individuals and governments in recent years. Integrated Circuits (ICs) function as the basic element of communication and information spreading, therefore they have become an important target for attackers. From this perspective, system-level protection to keep chips from being attacked is of vital importance. This paper proposes a novel method based on a fringing electric field (FEF) sensor to detect whether chips are dismantled from a printed circuit board (PCB) as system-level protection. The proposed method overcomes the shortcomings of existing techniques that can be only used in specific fields. After detecting a chip being dismantled from PCB, some protective measures like deleting key data can be implemented to be against attacking. Fringing electric field sensors are analyzed through simulation. By optimizing sensor’s patterns, areas and geometrical parameters, the methods that maximize sensitivity of fringing electric field sensors are put forward and illustrated. The simulation is also reproduced by an experiment to ensure that the method is feasible and reliable. The results of experiments are inspiring in that they prove that the sensor can work well for protection of chips and has the advantage of universal applicability, low cost and high reliability.

CUI Qiang,DOND Shu-rong,LIU Jun-jie,HAN Yan

DOI: https://doi.org/10.3969/j.issn.1007-4252.2008.01.036

2008-01-01

Abstract:An on -chip electrostatic discharge (ESD) protection scheme is demonstrated for an emerging technology of microelectromechanieal systems (MEMS) - based embedded sensor (ES) system - on - a - chip (SoC). The ESD protection scheme is implemented using ground - referenced muhifinger thyris- tor- type devices optimized for 1 ) the input/output (I/O) protection, 2) the power supply clamp, and 3) the internal sensors' electrodes during the micromachining process. A multiply finger layout scheme was also developed to the ESD protection level under the constraint of chip size. The ESD protection de- sign methodology was tested and verified at both the device and SoC levels, and its effectiveness and ro- bustness have been illustrated. Experimental results showed that the SoC passed a 4.1 kV Human Body Model ESD stress with no latchup induced and a very low leakage current of 10-10 A.

Mengmeng Ling,Liji Wu,Xiangyu Li,Xiangmin Zhang,Jinsong Hou,Yong Wang

DOI: https://doi.org/10.1109/CIS.2012.125

2012-01-01

Abstract:As information security chips are more widely used in the field of information security, the security of chips becomes increasingly important, which has also been a hot research field of information security. With the advances in technology, a chip-invasive method of attack which uses laser or focused ion beam (FIB) to change the chip's internal signal line, and then probe the chip's secret information with the electron microprobe, becomes a serious threat to information security chip. Such an attack makes the shielding metal wire an effective mean to improve chip security. The protection circuit module monitoring the shielding metal line is to ensure the layer of the metal wire is undamaged, in order to ensure that the chip has not been attacked by laser or FIB. This paper studies the design and implementation of Monitor and Protect Circuits (MPC) based on RC delay, which monitor if the shielding metal wires are damaged. The circuit is designed in SMIC0.18um CMOS process and an entire layout is completed. The gate count of MPC is about 642, which is 2.9% of that of AES. And its power consumption is about 81uw.

Rui Chang,Liehui Jiang,Wenzhi Chen,Yang Xiang,Yuxia Cheng,Abdulhameed Alelaiwi

DOI: https://doi.org/10.1007/s10586-017-0833-4

2017-01-01

Cluster Computing

Abstract:With the rapid development of Internet of Things technology and the promotion of embedded devices’ computation performance, smart devices are probably open to security threats and attacks while connecting with rich and novel Internet. Attracting lots of attention in embedded system security community recently, Trusted Execution Environment (TEE), allows for the execution of arbitrary code within environments completely isolated from the rest of a system. However, existing memory protection methods in a TEE are inadequate. In general, the software-based formal methods are not practical and the hardware-based implementation approaches lack of theoretical proof. To address the memory isolation and protection problems in TEE, in this paper, we propose a practical memory integrity protection method on an ARM-based platform, called MIPE, to defend against security threats including kernel data attacks and direct memory access attacks. MIPE utilizes TrustZone technique to create a isolated execution environment, which can protect the sensitive code and data against attacks. To present the integrity protection strategies, we provide the design of MIPE using B method, which is a practical formal method. We also implement MIPE on the Xilinx Zynq ZC702 evaluation board. The evaluation results show that the automatic proof rate of machines using B method is about 78.32%, and the proposed method is effective and feasible in terms of both load time and overhead.

Ronny Chevalier,Maugan Villatel,David Plaquin,Guillaume Hiet

DOI: https://doi.org/10.1145/3134600.3134622

2018-03-07

Abstract:Highly privileged software, such as firmware, is an attractive target for attackers. Thus, BIOS vendors use cryptographic signatures to ensure firmware integrity at boot time. Nevertheless, such protection does not prevent an attacker from exploiting vulnerabilities at runtime. To detect such attacks, we propose an event-based behavior monitoring approach that relies on an isolated co-processor. We instrument the code executed on the main CPU to send information about its behavior to the monitor. This information helps to resolve the semantic gap issue. Our approach does not depend on a specific model of the behavior nor on a specific target. We apply this approach to detect attacks targeting the System Management Mode (SMM), a highly privileged x86 execution mode executing firmware code at runtime. We model the behavior of SMM using invariants of its control-flow and relevant CPU registers (CR3 and SMBASE). We instrument two open-source firmware implementations: EDK II and coreboot. We evaluate the ability of our approach to detect state-of-the-art attacks and its runtime execution overhead by simulating an x86 system coupled with an ARM Cortex A5 co-processor. The results show that our solution detects intrusions from the state of the art, without any false positives, while remaining acceptable in terms of performance overhead in the context of the SMM (i.e., less than the 150 $\mu$s threshold defined by Intel).

Cryptography and Security

Xiang Wang,Zhun Zhang,Qiang Hao,Dongdong Xu,Jiqing Wang,Haoyu Jia,Zhiyu Zhou

DOI: https://doi.org/10.3390/mi12121450

2021-11-26

Abstract:The hardware security of embedded systems is raising more and more concerns in numerous safety-critical applications, such as in the automotive, aerospace, avionic, and railway systems. Embedded systems are gaining popularity in these safety-sensitive sectors with high performance, low power, and great reliability, which are ideal control platforms for executing instruction operation and data processing. However, modern embedded systems are still exposing many potential hardware vulnerabilities to malicious attacks, including software-level and hardware-level attacks; these can cause program execution failure and confidential data leakage. For this reason, this paper presents a novel embedded system by integrating a hardware-assisted security monitoring unit (SMU), for achieving a reinforced system-on-chip (SoC) on ensuring program execution and data processing security. This architecture design was implemented and evaluated on a Xilinx Virtex-5 FPGA development board. Based on the evaluation of the SMU hardware implementation in terms of performance overhead, security capability, and resource consumption, the experimental results indicate that the SMU does not lead to a significant speed degradation to processor while executing different benchmarks, and its average performance overhead reduces to 2.18% on typical 8-KB I/D-Caches. Security capability evaluation confirms the monitoring effectiveness of SMU against both instruction and data tampering attacks. Meanwhile, the SoC satisfies a good balance between high-security and resource overhead.

Xiaodong Chen,Yue Gao,Lu Guo,John Dupuy

2009-01-01

Abstract:L'invention porte sur un appareil et sur un procede pour detecter un rayonnement electromagnetique emis par un dispositif, le dispositif comprenant de multiples composants qui emettent un rayonnement electromagnetique. L'appareil comprend un conteneur revetu d'un absorbeur anechoique electromagnetique, un support dispose a l'interieur du conteneur pour recevoir le dispositif, une antenne plane disposee a l'interieur du conteneur pour detecter un rayonnement electromagnetique emis par le dispositif, l'antenne etant mobile par rapport au support de facon a faire varier la distance entre l'antenne et le support, et un appareil de mesure pour enregistrer le rayonnement electromagnetique emis par le dispositif en differentes positions de l'antenne par rapport au support.

Allison Chinedu Okolie

DOI: https://doi.org/10.9734/cjast/2024/v43i44369

2024-03-30

Current Journal of Applied Science and Technology

Abstract:Aims: The necessity by man to protect his life, investment and property has called for security which is essential in maintaining law and order in a society. Study Design: For effective realization of these goals, the security system must be able to incorporate different functions and monitor several activities instantaneously in real time. These activities include access, motion detection, fire hazard, plant production control etc. Methodology: In this study, the concept of real time central monitoring security systems was adopted with emphasis on industrial security. The industrial complex needs to have a way of authenticating individuals requesting access to the complex as well as reactively responding to intruder attempts. To achieve these, a simple hardware data acquisition unit based on a microcontroller was designed. With the microcontroller, many sub systems (access, intrusion, motion detection, surveillance) were integrated into one module and monitored continuously. A central monitoring unit was also implemented using a PC. The software for analysis and display of the data was designed using an object oriented approach and is GUI based for easier monitoring. When tested, the GUI provides graphic display of the trends from the sensor device. The data from the hardware unit was connected to the PC via the parallel port interface. Results: The designed and fabricated microcontroller-based security system performed effectively for the industrial complex with no reported issue or failure. Conclusion: Microcontroller-based security system is an effective tool for the industrial complex.

Fengyuan Xu,Zhengrui Qin,Chiu Chiang Tan,Baosheng Wang,Qun Li

DOI: https://doi.org/10.1109/infcom.2011.5934987

2011-01-01

Abstract:Recent studies have revealed security vulnerabilities in implantable medical devices (IMDs). Security design for IMDs is complicated by the requirement that IMDs remain operable in an emergency when appropriate security credentials may be unavailable. In this paper, we introduce IMDGuard, a comprehensive security scheme for heart-related IMDs to fulfill this requirement. IMDGuard incorporates two techniques tailored to provide desirable protections for IMDs. One is an ECG based key establishment without prior shared secrets, and the other is an access control mechanism resilient to adversary spoofing attacks. The security and performance of IMDGuard are evaluated on our prototype implementation.

Shen Limin,Li Feng,Peng Siwei,Si Yali

DOI: https://doi.org/10.1109/CSIE.2009.236

2009-01-01

Abstract:A method is proposed for enhancing SCADA systems survivability using exogenous isomorphic real-time monitor and simulation monitor. The formal definition of monitors is given. The fundamental principles of attack resistance, malicious operation detection and fault prediction are introduced, which are accomplished by using cooperation between the real-time monitor and simulation monitor. The real-time monitor is responsible for monitoring the states of SCADA systems, events and control commands, estimating whether there is faults and risk in systems based on states and implementation commands of system, and creating a simulation monitor if it is necessary. The simulation monitor is responsible for simulating implementation of control command, monitoring the process of simulation, forecasting the results of control commands, and estimating whether the commands are harmful based on the results. Finally, a water treatment system is given to illustrate the feasibility and effectiveness of the method.

genxian liu,xi zhang,dongsheng wang,zhenyu liu,haixia wang

DOI: https://doi.org/10.1007/978-3-662-43908-1_1

2014-01-01

Abstract:Security is a crucial element of information systems. Extensive research for cryptographic algorithms that provide the sound theoretical basis of security. Among them security and integrity of memory has been a longstanding issue in trusted system design. Main memory is a critical component of all computing systems. Most of those systems are vulnerable to memory attacks, in which an attacker gains physical accesses to the unattended hardware, obtains the decryption keys from memory. We propose a method for protecting memory systems against attacks with hardware authentication and full memory encryption. The method is secure against all known type of memory attack. We have tested the method with software simulator and Field Programmable Gate Array (FPGA) platform. The results show that the method can authenticate and encrypt the contents of DRAM with 2.5 % performance penalties.

Zichen Zhou,Bo Yin,Renhao Fan,Tao Liu,Bin Xu,Xiang Wang

2011-01-01

Abstract:Most embedded systems present a number of software vulnerabilities, such as buffer overflow, while the physical attacks are becoming popular as well. This paper presents a series of novel architectural-enhanced security solutions. The automated compiler extracts the intrusion model for intrusion detection and secure tag of each main memory segment at the compile time automatically. At runtime, the designed hardware observes its dynamic execution trace and checks whether the trace conforms to the permissible behavior and trigger appropriate response mechanisms. The proposed schemes don't change the compiler or the existing instruction set and imposes no restriction to the software developer. The architectural design is implemented on an actual OR1200-FPGA platform. The experimental analysis shows that the proposed techniques can eliminate a wide range of common software and physical attacks with low performance penalties and minimal overheads.

Sandip Ray,Eric Peeters,Mark M. Tehranipoor,Swarup Bhunia

DOI: https://doi.org/10.1109/jproc.2017.2714641

IF: 20.6

2018-01-01

Proceedings of the IEEE

Abstract:Modern system-on-chip (SoC) designs include a wide variety of highly sensitive assets which must be protected from unauthorized access. A significant aspect of SoC design involves exploration, analysis, and evaluation of resiliency mechanisms against attacks to such assets. These attacks may arise from a number of sources, including malicious intellectualproperty blocks (IPs) in the hardware, malicious or vulnerable firmware and software, insecure communication of the system with other devices, and side-channel vulnerabilities through power and performance profiles. Countermeasures for these attacks are equally diverse, which include architecture, design, implementation, and validation-based protection. In this paper, we provide a comprehensive overview of the security infrastructure in modern SoC designs, including both resiliency techniques and their validation paradigms at presilicon and postsilicon stages. We identify gaps in current resiliency and analysis architectures and propose design and validation solutions to address them. Finally, we provide industry perspectives on the role and impact of current practices on SoC security, and discuss some emerging trends in this important area.

engineering, electrical & electronic

Makoto Nagata,Takuji Miki,Noriyuki Miura

DOI: https://doi.org/10.1109/tvlsi.2021.3073946

2022-01-01

IEEE Transactions on Very Large Scale Integration (VLSI) Systems

Abstract:Secure hardware systems are threatened by adversarial attempts on integrated circuit (IC) chips in a practical utilization environment. This article provides overviews of physical attacks on cryptographic circuits, associated vulnerabilities in an IC chip, and protection schemes in the vertical unification of systems, circuits, and packaging technologies. The design principles of on-chip monitoring circuits to sense the attackers' attempts are discussed and tested with Si demonstrators. Physical structures are explored for secure IC chips to establish protections against multimodal side-channel attacks. The backside buried metal (BBM) wirings in a Si substrate are unified with its frontside complementary metal–oxide semiconductor (CMOS) circuits to achieve avoidance, detection, and resiliency against electromagnetic and laser attacks.

engineering, electrical & electronic,computer science, hardware & architecture

Roshan G. Ragel,Jude A. Ambrose,Sri Parameswaran

DOI: https://doi.org/10.48550/arXiv.1511.01946

2015-11-06

Abstract:Security of embedded computing systems is becoming of paramount concern as these devices become more ubiquitous, contain personal information and are increasingly used for financial transactions. Security attacks targeting embedded systems illegally gain access to the information in these devices or destroy information. The two most common types of attacks embedded systems encounter are code-injection and power analysis attacks. In the past, a number of countermeasures, both hardware- and software-based, were proposed individually against these two types of attacks. However, no single system exists to counter both of these two prominent attacks in a processor based embedded system. Therefore, this paper, for the first time, proposes a hardware/software based countermeasure against both code-injection attacks and power analysis based side-channel attacks in a dual core embedded system. The proposed processor, named SecureD, has an area overhead of just 3.80% and an average runtime increase of 20.0% when compared to a standard dual processing system. The overhead were measured using a set of industry standard application benchmarks, with two encryption and five other programs.

Hardware Architecture

Dongxu CHENG,Chi ZHANG,LIU Jianwei,LI Dawei,GUAN Zhenyu,ZHAO Wei,XU Mai,Jianwei LIU,Dawei LI,Zhenyu GUAN,Wei ZHAO,Mai XU

DOI: https://doi.org/10.1016/j.cja.2021.03.004

IF: 5.7

2021-11-01

Chinese Journal of Aeronautics

Abstract:With the wide application of electronic hardware in aircraft such as air-to-ground communication, satellite communication, positioning system and so on, aircraft hardware is facing great secure pressure. Focusing on the secure problem of aircraft hardware, this paper proposes a supervisory control architecture based on secure System-on-a-Chip (SoC) system. The proposed architecture is attack-immune and trustworthy, which can support trusted escrow application and Dynamic Integrity Measurement (DIM) without interference. This architecture is characterized by a Trusted Monitoring System (TMS) hardware isolated from the Main Processor System (MPS), a secure access channel from TMS to the running memory of the MPS, and the channel is unidirectional. Based on this architecture, the DIM program running on TMS is used to measure and call the Lightweight Measurement Agent <strong>(</strong>LMA<strong>)</strong> program running on MPS. By this method, the Operating System (OS) kernel, key software and data of the MPS can be dynamically measured without disturbance, which makes it difficult for adversaries to attack through software. Besides, this architecture has been fully verified on FPGA prototype system. Compared with the existing systems, our architecture achieves higher security and is more efficient on DIM, which can fully supervise the running of application and aircraft hardware OS.

engineering, aerospace