Dissertation/Thesis Abstract

Integrated hardware/software approaches to software security for embedded systems
by Gelbart, Olga, D.Sc., The George Washington University, 2008, 137; 3297440
Abstract (Summary)

Software security remains a daunting problem and introduces even more challenges in the context of embedded systems. Their small size and pervasive use make them vulnerable to physical attacks, which can be launched after capture by an adversary and can defeat the typical security mechanisms for remote network-based attacks. This thesis addresses the problem of protecting embedded software systems from physical attacks. Our research focuses on systems in which instructions and data are encrypted in memory and decrypted in the processor to minimize exposure to hardware sniffing or information leakage. However, several attacks on application code and data are still possible on such systems when the attacker has physical access to the system. Past approaches to this problem have provided hardware solutions, which require changes to the processor micro-architecture and the instruction set architecture. We propose an integrated hardware and software approach which requires no such changes. We design and combine novel techniques in the areas of compilers, architectures, and software security to provide a high level of security and user transparency. The architectural innovation stems from the use of an on-chip secure hardware component to implement our run-time security measures. For this purpose we use an on-chip Field Programmable Gate Array (FPGA), an architecture that is now commonly available on many processor chips. By implementing all our security primitives on the FPGA, we do not require any changes to the processor micro-architecture, the ISA or the memory organization. In our approach, a compiler-based software tool instruments executables and an on-chip FPGA-based hardware component provides run-time integrity and authorization checking on the executable code and application data. The use of an FPGA provides security services in a platform-independent manner and enables us to carry out application-specific compiler-driven protections.
The compiler provides user transparency by hiding security details from software developers. We provide a cycle-accurate architecture simulator infrastructure to implement our techniques and to evaluate the performance impact of our approach. The low performance penalties, for high levels of code and data security, observed in our experimental results validate our approach.

Indexing (document details)
Advisor: Narahari, Bhagirath, Simha, Rahul
Committee: Martin, Dianne, Rotenstreich, Schmuel, Williams, Yul
School: The George Washington University
Department: Computer Science
School Location: United States -- District of Columbia
Source: DAI-B 69/02, Dissertation Abstracts International
Subjects: Computer science
Keywords: Embedded systems, Integrated hardware-software, Software security
Publication Number: 3297440
ISBN: 978-0-549-46057-2
Copyright © 2020 ProQuest LLC. All rights reserved.