Security in building automation systems
- Industrial Electronics, IEEE Transactions on
Cited by 14 (3 self)
Abstract—Building automation systems are traditionally concerned with the control of heating, ventilation, and air conditioning, as well as lighting and shading, systems. They have their origin in a time where security has been considered as a side issue at best. Nowadays, with the rising desire to integrate security-critical services that were formerly provided by isolated subsystems, security must no longer be neglected. Thus, the development of a comprehensive security concept is of utmost importance. This paper starts with a security threat analysis and identifies the challenges of providing security in the building automation domain. Afterward, the security mechanisms of available standards are thoroughly analyzed. Finally, two approaches that provide both secure communication and secure execution of possibly untrusted control applications are presented. Index Terms—Building automation, embedded networks, integration, security.
A Rapid Prototyping System for Error-Resilient Multi-Processor Systems-on-Chip
Cited by 2 (1 self)
Abstract—Static and dynamic variations, which have negative impact on the reliability of microelectronic systems, increase with smaller CMOS technology. Thus, further downscaling is only profitable if the costs in terms of area, energy and delay for reliability keep within limits. Therefore, the traditional worst case design methodology will become infeasible. Future architectures have to be error resilient, i.e., the hardware architecture has to tolerate autonomously transient errors. In this paper, we present an FPGA based rapid prototyping system for multi-processor systems-on-chip composed of autonomous hardware units for error-resilient processing and interconnect. This platform allows the fast architectural exploration of various error protection techniques under different failure rates on the microarchitectural level while keeping track of the system behavior. We demonstrate its applicability on a concrete wireless communication system.
Concepts for run-time and error-resilient control flow checking of embedded RISC CPUs
- Int. Journal of Autonomous and Adaptive Communications Systems, 2009
Cited by 2 (1 self)
Abstract: In this paper, we introduce new concepts and methods for checking the correctness of control flow instructions (CFI) issued during the execution of programs for embedded RISC CPUs. Our proposed methodology is able to detect at run-time any error of illegal or faulty direct jump and branch instruction as well as call and return from subroutine for a given program code. Furthermore, two different hardware concepts and implementations of generic control flow (CF) checker units which may be tightly attached to a given CPU are proposed. These implementations can detect and even avoid the execution of faulty CFI at very low area and usually no latency penalty. Other benefits of this novel approach are that the application code must not be changed or augmented by signatures or additional instructions at all. The presented approach is, thus, completely transparent to the program developer.
Concepts for autonomous control flow checking for embedded cpus
- in Proc. 5th International Conference on Autonomic and Trusted Computing (ATC-08), 2008
Cited by 1 (1 self)
Abstract. In this paper, we introduce new concepts and methods for checking the correctness of control flow instructions during the execution of programs in embedded CPUs. Detecting and avoiding the execution of faulty control flow instructions is a problem of growing importance w.r.t. reliability and security. On the other hand, hardware cost overheads and an easy integration into the design flow are of utmost importance for cost sensitive embedded systems. Our proposed methodology is able to monitor all direct jumps and branches as well as calls and returns from subroutines autonomously during program execution. Furthermore, we propose and evaluate an implementation of an autonomous checker unit which is closely coupled to the processor and can detect and even avoid the execution of a faulty control flow instruction. Upon detection of a faulty instruction, we propose a method to refetch and reexecute the incorrect jump or branch instruction. Other benefits of this novel approach are that the application code must not be changed or augmented by signatures or additional instructions, and that there is no measurable performance impact in terms of execution latency. From the user point of view, our approach is completely transparent to a program developer.
Security Analysis of an IP Phone: Cisco 7960G
Abstract. IP phones are an essential component of any VoIP infrastructure. The hardware constraints and newness of these devices, as compared to mature desktop or server systems, lead to software development focused primarily on features and functionality rather than security and dependability. While several automated tools exist to test the security of IP phones, these tools have limitations and cannot provide a strong guarantee that a particular IP phone is secure. Our work evaluates the attack resilience of a widely deployed IP phone, the Cisco 7960G, employing techniques such as: vulnerability scans, fuzz tests, and static binary analysis. While the first two techniques found no vulnerabilities, the static analysis of the firmware image revealed critical vulnerabilities and fundamental software design flaws. We conclude that security designs proven useful in desktop and server software architectures should similarly appear as part of the software design for devices such as IP phones. Key words: VoIP security, IP phone, static binary analysis, embedded system security
A Method for Detecting Abnormal Program Behavior on Embedded Devices
Abstract — A potential threat to embedded systems is the execution of unknown or malicious software capable of triggering harmful system behavior, aimed at theft of sensitive data or causing damage to the system. Commercial off-the-shelf embedded devices, such as embedded medical equipment, are more vulnerable as these types of products cannot be amended conventionally or have limited resources to implement protection mechanisms. In this paper, we present a self-organizing map (SOM)-based approach to enhance embedded system security by detecting abnormal program behavior. The proposed method extracts features derived from processor’s program counter and cycles per instruction, and then utilises the features to identify abnormal behavior using the SOM. Results achieved in our experiment show that the proposed method can identify unknown program behaviors not included in the training set with over 98.4% accuracy. Index Terms — Embedded system security, abnormal behaviour detection, intrusion detection, self-organising map.
Embedded Software Security through Key-Based Control Flow Obfuscation
Abstract. Protection against software piracy and malicious modification of software is proving to be a great challenge for resource-constrained embedded systems. In this paper, we develop a non-cryptographic, key-based, control flow obfuscation technique, which can be implemented by computationally efficient means, and is capable of operating with minimal hardware support. The scheme is based on matching a series of expected keys in sequence, similar to the unlocking process in a combination lock, and provides high levels of resistance to static and dynamic analyses. It is capable of protecting embedded software against both piracy as well as non-self-replicating malicious modifications. Simulation results on a set of MIPS assembly language programs show that the technique is capable of providing high levels of security at nominal computational overhead and about 10% code-size increase.