Team for Research in
Ubiquitous Secure Technology

Building Security into Embedded Systems: Validating Theoretical Designs using Experimental Platforms
Yuan Xue

Citation
Yuan Xue. "Building Security into Embedded Systems: Validating Theoretical Designs using Experimental Platforms". Talk or presentation, 23, May, 2006.

Abstract
Building Security into Embedded Systems: Validating Theoretical Design using Experimental Platforms. Embedded systems play a crucial role in national critical infrastructure. There is an increasing concern of security threats as embedded systems are migrating from proprietary solutions to open standard, and from standalone systems to networked environments. Although security has been the subject of intensive research in the areas of cryptography, operating systems, and networks, designing secure embedded systems still faces unique challenges. One comes from the fact that embedded system design is a hardware-software co-design problem that needs to meet the requirement in terms of performance and cost. Such observation requires security consideration as an integral part throughout the design process, and security design needs to be validated over the software and hardware platforms. This talk will present our efforts on two projects in validating the secure embedded system designs using the experimental platforms. (1) Model-based approaches have proven to be an effective solution for embedded system design. We propose a co-design framework to integrate security modeling in embedded system design. To validate our approach, we built an experimental platform which allows for "Hardware"-in-the-Loop testing of embedded controllers. The platform is based on a high-fidelity real-time simulation of a physical plant with a three tank fluid-transfer system. Code Generators create code from security enriched models of the system. We exercise this code on the experimental platform to test for security properties. We show example attacks on the embedded controller and demonstrate how security models can be mapped to underlying platform services. (2) Our research on secure wireless embedded sensor networks is motivated and based on an application, called "Dirty Bomb Detection and Localization", in collaboration with Oak Ridge National Lab. Based on this sensor network platform, we have conducted security analysis for wireless sensor systems and showcased the security solutions for a list of system vulnerabilities using variety of techniques. This includes performing ranging and tracking using multiple frequencies to defend against jamming attacks, and preventing bogus tracking result and false tracking command based on a novel peer authentication mechanism.

Electronic downloads

Citation formats  
  • HTML 
    Yuan Xue. <a
href="http://www.truststc.org/pubs/98.html"
><i>Building Security into Embedded
Systems:	Validating Theoretical Designs using Experimental
Platforms</i></a>, Talk or presentation,  23,
May, 2006.
  • Plain text 
    Yuan Xue. "Building Security into Embedded
Systems:	Validating Theoretical Designs using Experimental
Platforms". Talk or presentation,  23, May, 2006.
  • BibTeX 
    @presentation{Xue06_BuildingSecurityIntoEmbeddedSystemsValidatingTheoretical,
    author = {Yuan Xue},
    title = {Building Security into Embedded
              Systems:	Validating Theoretical Designs using
              Experimental Platforms},
    day = {23},
    month = {May},
    year = {2006},
    abstract = {Building Security into Embedded Systems:
              Validating Theoretical Design using Experimental
              Platforms. Embedded systems play a crucial role in
              national critical infrastructure. There is an
              increasing concern of security threats as embedded
              systems are migrating from proprietary solutions
              to open standard, and from standalone systems to
              networked environments. Although security has been
              the subject of intensive research in the areas of
              cryptography, operating systems, and networks,
              designing secure embedded systems still faces
              unique challenges. One comes from the fact that
              embedded system design is a hardware-software
              co-design problem that needs to meet the
              requirement in terms of performance and cost. Such
              observation requires security consideration as an
              integral part throughout the design process, and
              security design needs to be validated over the
              software and hardware platforms. This talk will
              present our efforts on two projects in validating
              the secure embedded system designs using the
              experimental platforms. (1) Model-based approaches
              have proven to be an effective solution for
              embedded system design. We propose a co-design
              framework to integrate security modeling in
              embedded system design. To validate our approach,
              we built an experimental platform which allows for
              "Hardware"-in-the-Loop testing of embedded
              controllers. The platform is based on a
              high-fidelity real-time simulation of a physical
              plant with a three tank fluid-transfer system.
              Code Generators create code from security enriched
              models of the system. We exercise this code on the
              experimental platform to test for security
              properties. We show example attacks on the
              embedded controller and demonstrate how security
              models can be mapped to underlying platform
              services. (2) Our research on secure wireless
              embedded sensor networks is motivated and based on
              an application, called "Dirty Bomb Detection and
              Localization", in collaboration with Oak Ridge
              National Lab. Based on this sensor network
              platform, we have conducted security analysis for
              wireless sensor systems and showcased the security
              solutions for a list of system vulnerabilities
              using variety of techniques. This includes
              performing ranging and tracking using multiple
              frequencies to defend against jamming attacks, and
              preventing bogus tracking result and false
              tracking command based on a novel peer
              authentication mechanism. },
    URL = {http://www.truststc.org/pubs/98.html}
}

Posted by Yuan Xue on 28 May 2006.
Groups: trust
For additional information, see the Publications FAQ or contact webmaster at www truststc org.

Notice: This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright.