检索结果-内蒙古大学图书馆

IEEE DESIGN & TEST 2025年第3期42卷 103-112页

作者： Srivastav, Pravin Kaur, Anandpreet Ghoshal, Bibhas Indian Inst Informat Technol Allahabad Dept Informat & Technol Syst Lab Prayagraj 211012 Uttar Pradesh India

Editor’s notes: In this article, the authors propose a dual attestation scheme which protects embedded device’s runtime integrity from control and microarchitectural attacks. Such attestation ensures that a scheme c... 详细信息

关键词： Runtime Libraries Security Performance evaluation Codes Monitoring Proposals Process control Hardware Data collection Hardware Performance Counters Control flow integrity data integrity Micro-architectural attacks secure embedded systems Remote attestation

来源：评论

学校读者我要写书评

暂无评论

High Assurance Multi-Function Crypto Development

High Assurance Multi-Function Crypto Development

引用

2024 Military Communications Conference

作者： Hughes, Jeffrey Nahill, Ben Simpson, Eric Lim, Jeffery Burrow, Ryan Dean, John Lee, Brian Vai, Michael Khazan, Roger O'Melia, Sean Hoe, Andrew Parrish, Michael Womack, Jeffrey Trotter, Scott Lodico, Maria MIT Lincoln Lab 244 Wood St Lexington MA 02173 USA AFLCMC HNCA Washington DC USA

ISBN: (纸本)9798350374247;9798350374230

Today's high assurance crypto solutions are predominantly devices that are tightly coupled to specific systems and use cases. These crypto devices are not readily upgradable to support new algorithms or operations. In addition, many legacy crypto replacements are still approached with a focus on box-for-box replacement. This work discusses the development of a novel Multi-Function Crypto (MFC) architecture leveraging modular open systems principles and re-programmable crypto capabilities to address these concerns. Our designing approach emphasizes the need to unify common crypto requirements and standardize where possible to accommodate agile interoperability as needs evolve. We have built a proof-of-concept MFC prototype that aligns with the latest Sensor Open systems Architecture (SOSA) standards.

关键词： Crypto device programmability upgradability high assurance security resilience secure architecture secure embedded systems zero trust MOSA SOSA

来源：评论

学校读者我要写书评

暂无评论

Security-as-a-Service for embedded systems

Security-as-a-Service for Embedded Systems

引用

41st IEEE Military Communications Conference (IEEE MILCOM) - Communications Supporting Military Operations in a Contested Environment

作者： Vai, Michael Simpson, Eric Kava, Donato Lee, Alice Nguyen, Huy Hughes, Jeffrey Torres, Gabriel Lim, Jeffery Nahill, Ben Khazan, Roger Schneider, Fred MIT Lincoln Lab Cambridge MA 02139 USA Cornell Univ Ithaca NY 14853 USA

ISBN: (纸本)9798350321814

In order to promote competition and technology refresh, the Department of Defense (DoD) has required the use of a Modular Open systems Approach (MOSA) for the acquisition and implementation of embedded systems. Designing security and mission assurance for MOSA systems often relies upon payload specific, potentially inadequate, and difficult to update schemes. Our goal is to develop a physically separated embedded Security-as-a-Service (ESaaS) function as a payload agnostic, updatable security manager for MOSA systems. In this paper, we describe the ongoing development of an ESaaS module for securing embedded systems that align with DoD standards, OpenVPX and Sensor Open systems Architecture (SOSA).

关键词： MOSA SOSA OpenVPX open systems zero trust architecture mission assurance security resilience secure architecture secure embedded systems

来源：评论

学校读者我要写书评

暂无评论

Exploration of Fault Effects on Formal RISC-V Microarchitecture Models 19

Exploration of Fault Effects on Formal RISC-V Microarchitect...

引用

19th Workshop on Fault Detection and Tolerance in Cryptography (FDTC)

作者： Tollec, Simon Asavoae, Mihail Courousse, Damien Heydemann, Karine Jan, Mathieu Univ Paris Saclay CEA List F-91120 Palaiseau France Univ Grenoble Alpes CEA List F-38000 Grenoble France Sorbonne Univ CNRS LIP6 F-75005 Paris France

ISBN: (数字)9781665454421

ISBN: (纸本)9781665454421

This paper introduces a formal workflow for modeling software/hardware systems in order to explore the effects of fault injections and evaluate the robustness to fault injection attacks. We illustrate this workflow on four versions of a PIN authentication code, embedding different software countermeasures. The code is symbolically evaluated on two implementations of the RISC-V CV32E40P core: the original implementation from the OpenliW group and an implementation that integrates protection of the pipeline control signals. On the original, unprotected core, our formal workflow exposes various vulnerabilities, including previously unknown ones, whereas, on the protected core, it confirms the effectiveness of the proposed countermeasures.

关键词： secure embedded systems Fault Attack Microarchitecture Formal Verification

来源：评论

学校读者我要写书评

暂无评论

Profiling Dilithium Digital Signature Traces for Correlation Differential Side Channel Attacks 20th

Profiling Dilithium Digital Signature Traces for Correlation...

引用

20th International Conference on embedded Computer systems - Architectures, Modeling, and Simulation (SAMOS)

作者： Fournaris, Apostolos P. Dimopoulos, Charis Koufopavlou, Odysseas Res Ctr ATHENA Ind Syst Inst Patras Sci Pk Patras Greece Univ Patras Elect & Comp Engn Dept Rion Campus Patras Greece

ISBN: (纸本)9783030609399;9783030609382

A significant concern for the candidate schemes of the NIST postquantum cryptography standardization project is the protection they support against side-channel attacks. One of these candidate schemes currently in the NIST standardization race is the Dilithium signature scheme. This postquantum signature solution has been analyzed for side channel attack resistance especially against timing attacks. Expanding our attention on other types of side-channel analysis, this work is focused on correlation based differential side channel attacks on the polynomial multiplication operation of Dilithium digital signature generation. In this paper, we describe how a Correlation Power Attack should be adapted for the Dilithium signature generation and describe the attack process to be followed. We determine the conditions to be followed in order for such an attack to be feasible, (isolation of polynomial coefficient multiplication inpower traces) and we create a power trace profiling paradigm for the Dilithium signature scheme executed in embedded systems to showcase that the conditions can be met in practice. Expanding the methodology of recent works that mainly use simulations for power trace collection, in this paper, power trace capturing and profiling analysis of the signature generation process was succesfully done on a, noisy, Commercial off-the-shelf ARM Cortex-M4 embedded system.

关键词： Postquantum cryptography Side channel attack secure embedded systems

来源：评论

学校读者我要写书评

暂无评论

A secure Framework with Remote Configuration of Intellectual Property 5th

A Secure Framework with Remote Configuration of Intellectual...

引用

5th International Conference on Information systems Security and Privacy (ICISSP)

作者： Khan, Nadir Nitzsche, Sven Becker, Juergen FZI Res Ctr Informat Technol Karlsruhe Germany Karlsruhe Inst Technol KIT Karlsruhe Inst Informat Proc Technol ITIV Karlsruhe Germany

ISBN: (纸本)9789897583599

In this work, an intellectual property (IP) licensing framework is proposed that is secure against IP theft (cloning and redistribution). This security is provided by utilizing built-in features of modern field programmable gate arrays (FPGAs), e.g. secure boot, state-of-the-art cryptography and trusted execution environments (TEE). The scheme is also the least restrictive in comparison to other publications in this area. Using this scheme, multiple IP core vendors (CVs) can configure their IPs remotely by connecting directly to an FPGA. Devices are booted securely using an authenticated and encrypted boot loader that initiates an authenticated and encrypted hypervisor, which in turn provides a TEE by partitioning the system resources into secure and non-secure sections. At this stage, a secure operating system (OS) is loaded that handles all the security critical functions such as communication with CVs, storage and analysis of bitstreams, enforcement of license constraints and configuration of IPs. Then, a second, non-secure OS is loaded, which provides an isolated execution environment with unrestricted access to non-secure resources. Hence, they are not limited to predefined APIs. Both OSes can interact via the hypervisor. The implementation of this framework is a work-in-progress and results presented within this paper are subject to change.

关键词： Field Programming Gate Array (FPGA) Intellectual Property (IP) secure embedded systems IP Protection Dynamic Partial Reconfiguration Cryptography Trusted Execution Environments (TEE)

来源：评论

学校读者我要写书评

暂无评论

Optimization of Message Encryption for Real-Time Applications in embedded systems

引用

IEEE TRANSACTIONS ON COMPUTERS 2018年第5期67卷 748-754页

作者： Aminifar, Amir Eles, Petru Peng, Zebo Swiss Fed Inst Technol Lausanne EPFL Embedded Syst Lab CH-1015 Lausanne Switzerland Linkoping Univ Embedded Syst Lab S-58183 Linkoping Sweden

Today, security can no longer be treated as a secondary issue in embedded and cyber-physical systems. Therefore, one of the main challenges in these domains is the design of secure embedded systems under stringent resource constraints and real-time requirements. However, there exists an inherent trade-off between the security protection provided and the amount of resources allocated for this purpose. That is, the more the amount of resources used for security, the higher the security, but the fewer the number of applications which can be run on the platform and meet their timing requirements. This trade-off is of high importance since embedded systems are often highly resource constrained. In this paper, we propose an efficient solution to maximize confidentiality, while also guaranteeing the timing requirements of real-time applications on shared platforms.

关键词： secure embedded systems secure real-time systems real-time schedulability security and privacy confidentiality optimization message encryption and decryption

来源：评论

学校读者我要写书评

暂无评论

secure Application Continuity in Intermittent systems 9

Secure Application Continuity in Intermittent Systems

引用

9th International Green and Sustainable Computing Conference (IGSC)

作者： Suslowicz, Charles Krishnan, Archanaa S. Dinu, Daniel Schaumont, Patrick Virginia Tech Blacksburg VA 24061 USA

ISBN: (纸本)9781538674666

Intermittent systems operate embedded devices without a source of constant reliable power, relying instead on an unreliable source such as an energy harvester. They overcome the limitation of intermittent power by retaining and restoring system state as checkpoints across periods of power loss. Previous works have addressed a multitude of problems created by the intermittent paradigm, but do not consider securing intermittent systems. In this paper, we address the security concerns created through the introduction of checkpoints to an embedded device. When the non-volatile memory that holds checkpoints can be tampered, the checkpoints can be replayed or duplicated. We propose secure application continuity as a defense against these attacks. secure application continuity provides assurance that an application continues where it left off upon power loss. In our secure continuity solution, we define a protocol that adds integrity, authenticity, and freshness to checkpoints. We develop two solutions for our secure checkpointing design. The first solution uses a hardware accelerated implementation of AES, while the second one is based on a software implementation of a lightweight cryptographic algorithm, Chaskey. We analyze the feasibility and overhead of these designs in terms of energy consumption, execution time, and code size across several application configurations. Then, we compare this overhead to a non-secure checkpointing system. We conclude that securing application continuity does not come cheap and that it increases the overhead of checkpoint restoration from 3.79 mu J to 42.96 mu J with the hardware accelerated solution and 57.02 mu J with the software based solution. To our knowledge, no one has yet considered the cost to provide security guarantees for intermittent operations. Our work provides future developers with an empirical evaluation of this cost, and with a problem statement for future research in this area.

关键词： secure embedded systems intermittent systems application continuity energy harvesting

来源：评论

学校读者我要写书评

暂无评论

Design Techniques for Side-channel Resistant embedded Software

Design Techniques for Side-channel Resistant Embedded Softwa...

引用

作者： Ambuj Sudhir Sinha Virginia Polytechnic Institute and State University

学位级别：硕士

Side Channel Attacks (SCA) are a class of passive attacks on cryptosystems that exploit implementation characteristics of the system. Currently, a lot of research is focussed towards developing countermeasures to side channel attacks. In this thesis, we address two challenges that are an inherent part of the efficient implementation of SCA countermeasures. While designing a system, design choices made for enhancing the efficiency or performance of the system can also affect the side channel security of the system. The first challenge is that the effect of different design choices on the side channel resistance of a system is currently not well understood. It is important to understand these effects in order to develop systems that are both secure and efficient. A second problem with incorporating SCA countermeasures is the increased design complexity. It is often difficult and time consuming to integrate an SCA countermeasure in a larger system. In this thesis, we explore that above mentioned problems from the point of view of developing embedded software that is resistant to power based side channel attacks. Our first work is an evaluation of different software AES implementations, from the perspective of side channel resistance, that shows the effect of design choices on the security and performance of the implementation. Next we present work that identifies the problems that arise while designing software for a particular type of SCA resistant architecture - the Virtual secure Circuit. We provide a solution in terms of a methodology that can be used for developing software for such a system - and also demonstrate that this methodology can be conveniently automated - leading to swifter and easier software development for side channel resistant designs.

关键词： Side-channel Countermeasures secure embedded systems Virtual secure Circuit Bitslice Cryptography Side Channel Attacks

来源：评论

学校读者我要写书评

暂无评论

Securing Software Intellectual Property on Commodity and Legacy embedded systems

Securing Software Intellectual Property on Commodity and Leg...

引用

作者： Michael A. Gora Virginia Polytechnic Institute and State University

学位级别：硕士

The proliferation of embedded systems into nearly every aspect of modern infrastructure and society has seen their deployment in such diverse roles as monitoring the power grid and processing commercial payments. Software intellectual property (SWIP) is a critical com- ponent of these increasingly complex systems and represents a significant investment to its developers. However, deeply immersed in their environment, embedded systems are difficult to secure. As a result, developers want to ensure that their SWIP is protected from being reverse engineered or stolen by unauthorized parties. Many techniques have been proposed to address the issue of SWIP protection for embedded systems. These range from secure memory components to complete shifts in processor architectures. While powerful, these approaches often require the development of systems from the ground up or the application of specialized and often expensive hardware components. As a result they are poorly suited to address the security concerns of legacy embedded systems or systems based on commod- ity components. This work explores the protection of SWIP on heavily constrained, legacy and commodity embedded systems. We accomplish this by evaluating a generic embedded system to identify the security concerns in the context of SWIP protection. The evaluation is applied to determine the limitations of a software only approach on a real world legacy embedded system that lacks any specialized security hardware features. We improve upon this system by developing a prototype system using only commodity components. Finally we propose a Portable embedded Software Intellectual Property Security (PESIPS) system that can easily be deployed as a framework on both legacy and commodity systems.

关键词： secure embedded systems Software Intellectual Property Firmware Security FPGA Design Flow Physical Unclonable Function

来源：评论

学校读者我要写书评

暂无评论

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案：

请选择收藏分类：

通借通还

建议与咨询 留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案： 新增检索档案 确定 取消

请选择收藏分类： 新增自定义分类 确定 取消

通借通还

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

请选择保存的检索档案：

请选择收藏分类：