SHASHIDHAR PERURU Tamper Resistant Security Mechanisms for Secure Embedded Systems 1

Click here to load reader

  • date post

  • Category


  • view

  • download


Embed Size (px)

Transcript of SHASHIDHAR PERURU Tamper Resistant Security Mechanisms for Secure Embedded Systems 1

  • Slide 1

SHASHIDHAR PERURU Tamper Resistant Security Mechanisms for Secure Embedded Systems 1 Slide 2 OUTLINE Introduction Classification of attacks Countering attacks Case Study 2 toons/Computer.jpg Slide 3 INTRODUCTION 3 Slide 4 FUNCTIONAL SECURITY MECHANISMS Cryptographic algorithms, including symmetric ciphers, Public-key ciphers. Hash functions. Network security protocols ( IPSec and SSL ) BUT, they are not tamper proof and do not provide complete security solutions. 4 Slide 5 CAUSES OF SECURITY LAPSES Operations in untrusted environment Network induced vulnerability Downloaded software execution Complex design process 5 Slide 6 CLASSIFICATION OF ATTACKS Based on functional objectives Privacy attacks Integrity attacks Availability attacks Based on agents or means used to launch attack Software attacks Physical or Invasive attacks Side Channel Attacks 6 Slide 7 PHYSICAL AND SIDE CHANNEL ATTACKS Buffer overflow problem effects can include overwriting stack memory, heaps, and function pointers 7 SOFTWARE ATTACKS Physical Attacks Power Analysis attacks Timing attacks Fault Injection attacks Electromagnetic Analysis attacks Slide 8 COUNTERING SECURITY ATTACKS Specific objectives of the mechanisms Attack Prevention Attack Detection Attack Recovery Tamper evident design technique 8 Slide 9 COUNTERMEASURES FOR SOFTWARE ATTACKS The major considerations are :- 1. Ensure privacy and integrity of sensitive code and data during every stage of software execution in an embedded system. 2. Determine with certainty that is a safe from a security stand point to execute a given program 3. Remove security loopholes in software that make the system vulnerable to such attacks 9 Slide 10 Hardware Support Idea is to isolate or restrict secure memory areas Cryptocell Secure Bootstrapping Operating System Enhancements Software authentication and validation 10 Slide 11 COUNTERMEASURES FOR PHYSICAL AND SIDE CHANNEL ATTACKS Physical attack protection IBM 4758 PCI cryptographic adapter 11 Slide 12 Bus encryption Use of crytoprocessors Side channel attack protection Randomization Data Masking 12 Slide 13 It is a comprehensive security solution for SOCs Foremost and primary objective is to segregate access to sensitive information of a ARM based SOC architecture CASE STUDY : ARM TRUSTZONE 13 news16975/arm_trustzone.gif Slide 14 Trusted Code base Regulates the entire security of entire system Regulates all security tasks that involves manipulation of keys Uses demarcation to separate domains using S-bit 14 Slide 15 REFERENCES 1. Cryptocell, Directrix 2. ARM TrustZone 3. IBM 4758 PCI cryptographic adapter 4. ARM DONS ARMOR,TrustZone Security Extensions Strengthen ARMv6 Architecture By Tom R. Halfhill {8/25/03-01} 5. Security in Embedded Systems : Design Challenges,Srivaths Ravi and Anand Raghunathan,NEC Laboratories America,Paul Kocher Cryptography Research,and Sunil Hattangady,Texas Instruments Inc. 15