Title: Low-cost recovery for the code integrity protection in secure embedded processors
Authors: N. Huu, B. Robisson, M. Agoyan, Nathalie Drach-Temam
Venue: 2011 IEEE International Symposium on Hardware-Oriented Security and Trust
Pub Date: 2011-06-05
DOI: 10.1109/HST.2011.5955004 (https://doi.org/10.1109/HST.2011.5955004)
Abstract: To ensure code integrity in secure embedded processors, most previous work focuses on detecting attacks without paying attention to recovery. This paper proposes a novel hardware recovery approach that allows the processor to resume execution after detecting an attack. The experimental results demonstrate that our scheme introduces a very low impact on performance while requiring a reasonable hardware overhead.
Title: On improving reliability of delay based Physically Unclonable Functions under temperature variations
Authors: Raghavan Kumar, Harikrishnan Chandrikakutty, S. Kundu
Venue: 2011 IEEE International Symposium on Hardware-Oriented Security and Trust
Pub Date: 2011-06-05
DOI: 10.1109/HST.2011.5955012 (https://doi.org/10.1109/HST.2011.5955012)
Abstract: Physically Unclonable Functions (PUFs) are a special class of circuits used for challenge-response authentication. The challenge-response pairs of a PUF should be mathematically unpredictable, but must be reliable and remain unvarying. The reliability of PUFs implemented in CMOS circuits is frequently compromised by environmental conditions such as voltage and temperature. In this paper, we propose two methods for improving the reliability of delay based PUFs by reducing temperature sensitivity. The first method focuses on improving the gate overdrive (VGS − Vt(T)) by operating the PUF at an optimized supply voltage (V′DD), also called the ZTC (Zero Temperature Coefficient) voltage. The optimum supply voltage for a 24 stage PUF is almost 23% lower than the nominal supply voltage in 45nm CMOS technology. The second method exploits the negative temperature coefficient (TCR) property of n+ and p+ polysilicon placed as source feedback resistors. A 16% improvement in reliability has been demonstrated for both methods. Moreover, we also demonstrate that these design optimizations do not compromise the PUF uniqueness.
Title: Security challenges and opportunities in adaptive and reconfigurable hardware
Authors: Victor Costan, S. Devadas
Venue: 2011 IEEE International Symposium on Hardware-Oriented Security and Trust
Pub Date: 2011-06-05
DOI: 10.1109/HST.2011.5954986 (https://doi.org/10.1109/HST.2011.5954986)
Abstract: We present a novel approach to building hardware support for providing strong security guarantees for computations running in the cloud (shared hardware in massive data centers), while maintaining the high performance and low cost that make cloud computing attractive in the first place. We propose augmenting regular cloud servers with a Trusted Computation Base (TCB) that can securely perform high-performance computations. Our TCB achieves cost savings by spreading functionality across two paired chips. We show that making a Field-Programmable Gate Array (FPGA) a part of the TCB benefits security and performance, and we explore a new method for defending the computation inside the TCB against side-channel attacks.
Title: TinyTPM: A lightweight module aimed to IP protection and trusted embedded platforms
Authors: Thomas Feller, Sunil Malipatlolla, David Meister, S. Huss
Venue: 2011 IEEE International Symposium on Hardware-Oriented Security and Trust
Pub Date: 2011-06-05
DOI: 10.1109/HST.2011.5954987 (https://doi.org/10.1109/HST.2011.5954987)
Abstract: Currently, embedded system implementations are increasingly exploiting reconfigurable devices such as Field Programmable Gate Arrays (FPGAs). Due to the volatile nature of SRAM-based FPGAs, it is necessary to secure such systems against intellectual property (IP) theft and overproduction. Additionally, the trustworthy operation of these systems has to be guarded in order to protect the processed data. In this paper we propose a novel cryptographic module called TinyTPM, which enforces trustworthy operation and IP protection for embedded systems. Our approach covers the following two key principles: (i) trustworthy attestation of the embedded system state, and (ii) IP protection by providing authenticated and encrypted update procedures for FPGAs. The TinyTPM consumes only a few resources and is therefore well suited to designing secure, efficient, and low cost FPGA-based embedded systems. This architecture has been implemented as a proof of concept on top of a Xilinx Virtex-5 FPGA platform and demonstrates both security and efficiency.
Title: Performance evaluation of protocols resilient to physical attacks
Authors: S. Guilley, L. Sauvage, J. Danger, Nidhal Selmane, Denis Réal
Venue: 2011 IEEE International Symposium on Hardware-Oriented Security and Trust
Pub Date: 2011-06-05
DOI: 10.1109/HST.2011.5954995 (https://doi.org/10.1109/HST.2011.5954995)
Abstract: Cryptographic implementations are vulnerable to physical attacks. Many countermeasures to resist them have been proposed in the past. However, they are all specific to a given attacker and mitigate the risk only up to a certain level: improved attacks on those countermeasures can usually be devised. Therefore, a new trend consists in making cryptographic implementations resilient to physical attacks. This strategy makes it possible to prove the countermeasure against all possible types of attackers captured by a security model. Several resilient schemes for the protection of block ciphers exist. For a given security objective, they all reach the same security level. Therefore, they differ only in their efficiency. We first show that the genuine versions of these protocols achieve different I/O bandwidth and computational performance. Our second contribution is to improve those protocols by means of message blinding, assuming passive attacks require more than two traces to be successful. Then, as a third contribution, we show that the improved versions of the protocols are very much alike, and that the difference between them depends only on the specific details of their instantiation.
Title: New security threats against chips containing scan chain structures
Authors: Jean DaRolt, G. D. Natale, M. Flottes, B. Rouzeyre
Venue: 2011 IEEE International Symposium on Hardware-Oriented Security and Trust
Pub Date: 2011-06-05
DOI: 10.1109/HST.2011.5955005 (https://doi.org/10.1109/HST.2011.5955005)
Abstract: Insertion of scan chains is the most common technique to ensure observability and controllability of sequential elements in an IC. However, when the chip deals with secret information, the scan chain can be used as a back door for accessing secret (or hidden) information, and thus jeopardize the overall security. Several scan-based attacks on cryptographic functions have been described and show the need for secure scan implementations. These attacks assume a single scan chain. However, the design of large circuits and restrictions in terms of test cost may require the implementation of many scan chains and additional test infrastructures for test response compaction. In this paper, we present a new generic scan attack that covers a wide range of industrial test infrastructures, including spatial response compressors.
Title: TeSR: A robust Temporal Self-Referencing approach for Hardware Trojan detection
Authors: S. Narasimhan, Xinmu Wang, Dongdong Du, R. Chakraborty, S. Bhunia
Venue: 2011 IEEE International Symposium on Hardware-Oriented Security and Trust
Pub Date: 2011-06-05
DOI: 10.1109/HST.2011.5954999 (https://doi.org/10.1109/HST.2011.5954999)
Abstract: Malicious modification of integrated circuits in an untrusted fabrication facility, referred to as Hardware Trojans, has emerged as a major security threat. Logic testing approaches are not very effective for detecting large sequential Trojans, which require multiple state transitions, often triggered by rare circuit events, in order to activate and cause malfunction. On the other hand, side-channel analysis has emerged as an effective approach for detecting such large sequential Trojans. However, existing side-channel approaches suffer from a large reduction in detection sensitivity with increasing process variations or decreasing Trojan size. In this paper, we propose TeSR, a Temporal Self-Referencing approach that compares the current signature of a chip at two different time windows to completely eliminate the effect of process noise, thus providing high detection sensitivity for Trojans of varying size. Furthermore, unlike existing approaches, it does not require golden chip instances as a reference. Simulation results for three complex designs and three representative sequential Trojan circuits demonstrate the effectiveness of the approach under large inter- and intra-die process variations.
Title: Security Checkers: Detecting processor malicious inclusions at runtime
Authors: Michael Bilzor, Ted Huffmire, C. Irvine, T. Levin
Venue: 2011 IEEE International Symposium on Hardware-Oriented Security and Trust
Pub Date: 2011-06-05
DOI: 10.1109/HST.2011.5954992 (https://doi.org/10.1109/HST.2011.5954992)
Abstract: To counter the growing threat of malicious subversions to the design of a microprocessor, there is a great need for simple, automated methods for detecting such malevolent changes. Based on the adoption of the Property Specification Language (PSL) for behavioral verification, and the advent of tools for automatically generating synthesizable hardware design language (HDL) constructs for verifying a PSL assertion, we propose a new method called Security Checkers, which uses security-focused PSL assertions to create hardware design units for detecting malicious inclusions at runtime. We describe the process flow for creating Security Checkers and demonstrate by example how they can be used to detect malicious inclusions in a processor design. Because the checkers can be used in simulation, FPGA emulation, or as part of a fabricated design, we illustrate how this technique can be used to detect malicious inclusions over a much broader segment of the processor development lifecycle, compared to existing methods.
Title: Flexible architecture optimization and ASIC implementation of group signature algorithm using a customized HLS methodology
Authors: S. Morioka, Toshiyuki Isshiki, Satoshi Obana, Yuichi Nakamura, Kazue Sako
Venue: 2011 IEEE International Symposium on Hardware-Oriented Security and Trust
Pub Date: 2011-06-05
DOI: 10.1109/HST.2011.5954996 (https://doi.org/10.1109/HST.2011.5954996)
Abstract: Group signature is one of the main themes in recent digital signature studies. A typical signature algorithm is a combination of more than 70 elliptic curve (ECC), modular (RSA), long-bit integer and hash arithmetic functions. A full H/W IP core is strongly desired for the use of group signatures in SoCs in slow-clock and low-power mobile devices and embedded systems. Flexible adjustment of H/W speed and size, depending on different systems and LSI process technologies, is also required. However, for designing and verifying H/W, the group signature algorithm is too complicated for a standard RTL (Register Transfer Level) design methodology or any recent HLS (High Level Synthesis). Therefore, we incorporated a two-level behavioral synthesis approach, where an optimized macro-architecture is explored by a custom-made scheduler after a database of multiple microarchitectures is effectively constructed by conventional HLS. We implemented the signature algorithm on a low-cost 0.25um gate-array. The H/W size is approximately 1M gates, and our chip can compute a group signature at a speed equivalent to 3GHz PC S/W (0.135 seconds at a 100MHz clock), while the power consumption is two orders of magnitude lower (425mW at 100MHz).
Title: Placement of trust anchors in embedded computer systems
Authors: S. Papa, W. Casper, S. Nair
Venue: 2011 IEEE International Symposium on Hardware-Oriented Security and Trust
Pub Date: 2011-06-05
DOI: 10.1109/HST.2011.5955006 (https://doi.org/10.1109/HST.2011.5955006)
Abstract: The use of Trust Anchors in a well designed embedded system can help create more secure designs. Trust Anchors can be used to establish, extend, and maintain trust during power-up and run-time operation of a system. A system may contain one or more trust anchors working in isolation or in a coordinated manner within the system. Embedded computer systems may be subject to network and physical attacks, and so the use of trust anchors may help protect the system from these attacks. By evaluating potential attacks, the placement and functionality of trusted hardware and software in the system may be defined to help mitigate the attacks. This paper uses several different attacks on an embedded computer as examples to describe the placement of trust anchors, hardware and software protection mechanisms, and other functionality needed to protect the system against these attacks.