Team for Research in Ubiquitous Secure Technology

Building Security into Embedded Systems: Validating Theoretical Designs using Experimental Platforms
Yuan Xue

Citation
Yuan Xue. "Building Security into Embedded Systems: Validating Theoretical Designs using Experimental Platforms". Talk or presentation, 23 May 2006.

Abstract
Embedded systems play a crucial role in national critical infrastructure. There is increasing concern about security threats as embedded systems migrate from proprietary solutions to open standards, and from standalone systems to networked environments. Although security has been the subject of intensive research in the areas of cryptography, operating systems, and networks, designing secure embedded systems still faces unique challenges. One comes from the fact that embedded system design is a hardware-software co-design problem that must meet performance and cost requirements. This observation requires that security be considered as an integral part of the entire design process, and that security designs be validated on the software and hardware platforms. This talk will present our efforts on two projects that validate secure embedded system designs using experimental platforms.

(1) Model-based approaches have proven to be an effective solution for embedded system design. We propose a co-design framework to integrate security modeling into embedded system design. To validate our approach, we built an experimental platform that allows for "Hardware"-in-the-Loop testing of embedded controllers. The platform is based on a high-fidelity real-time simulation of a physical plant with a three-tank fluid-transfer system. Code generators create code from security-enriched models of the system. We exercise this code on the experimental platform to test for security properties. We show example attacks on the embedded controller and demonstrate how security models can be mapped to underlying platform services.

(2) Our research on secure wireless embedded sensor networks is motivated by and based on an application called "Dirty Bomb Detection and Localization", in collaboration with Oak Ridge National Lab. Based on this sensor network platform, we have conducted security analysis for wireless sensor systems and showcased security solutions for a list of system vulnerabilities using a variety of techniques. These include performing ranging and tracking using multiple frequencies to defend against jamming attacks, and preventing bogus tracking results and false tracking commands based on a novel peer authentication mechanism.

Citation formats  
  • HTML
    Yuan Xue. <a
    href="http://www.truststc.org/pubs/98.html"
    ><i>Building Security into Embedded
    Systems: Validating Theoretical Designs using Experimental
    Platforms</i></a>, Talk or presentation, 23 May 2006.
  • Plain text
    Yuan Xue. "Building Security into Embedded
    Systems: Validating Theoretical Designs using Experimental
    Platforms". Talk or presentation, 23 May 2006.
  • BibTeX
    @presentation{Xue06_BuildingSecurityIntoEmbeddedSystemsValidatingTheoretical,
        author = {Yuan Xue},
        title = {Building Security into Embedded
                  Systems: Validating Theoretical Designs using
                  Experimental Platforms},
        day = {23},
        month = {May},
        year = {2006},
        abstract = {Building Security into Embedded Systems:
                  Validating Theoretical Design using Experimental
                  Platforms. Embedded systems play a crucial role in
                  national critical infrastructure. There is an
                  increasing concern of security threats as embedded
                  systems are migrating from proprietary solutions
                  to open standard, and from standalone systems to
                  networked environments. Although security has been
                  the subject of intensive research in the areas of
                  cryptography, operating systems, and networks,
                  designing secure embedded systems still faces
                  unique challenges. One comes from the fact that
                  embedded system design is a hardware-software
                  co-design problem that needs to meet the
                  requirement in terms of performance and cost. Such
                  observation requires security consideration as an
                  integral part throughout the design process, and
                  security design needs to be validated over the
                  software and hardware platforms. This talk will
                  present our efforts on two projects in validating
                  the secure embedded system designs using the
                  experimental platforms. (1) Model-based approaches
                  have proven to be an effective solution for
                  embedded system design. We propose a co-design
                  framework to integrate security modeling in
                  embedded system design. To validate our approach,
                  we built an experimental platform which allows for
                  "Hardware"-in-the-Loop testing of embedded
                  controllers. The platform is based on a
                  high-fidelity real-time simulation of a physical
                  plant with a three tank fluid-transfer system.
                  Code Generators create code from security enriched
                  models of the system. We exercise this code on the
                  experimental platform to test for security
                  properties. We show example attacks on the
                  embedded controller and demonstrate how security
                  models can be mapped to underlying platform
                  services. (2) Our research on secure wireless
                  embedded sensor networks is motivated and based on
                  an application, called "Dirty Bomb Detection and
                  Localization", in collaboration with Oak Ridge
                  National Lab. Based on this sensor network
                  platform, we have conducted security analysis for
                  wireless sensor systems and showcased the security
                  solutions for a list of system vulnerabilities
                  using variety of techniques. This includes
                  performing ranging and tracking using multiple
                  frequencies to defend against jamming attacks, and
                  preventing bogus tracking result and false
                  tracking command based on a novel peer
                  authentication mechanism. },
        URL = {http://www.truststc.org/pubs/98.html}
    }
    

Posted by Yuan Xue on 28 May 2006.

Notice: This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright.