Secure Embedded Processing through Hardware-Assisted Run-Time Monitoring

Security is emerging as an important concern in embedded system design. The security of embedded systems is often compromised due to vulnerabilities in "trusted" software that they execute. Security attacks exploit these vulnerabilities to trigger unintended program behavior, such as the l...

Full description

Saved in:
Bibliographic Details
Published in:Design, Automation and Test in Europe pp. 178 - 183
Main Authors: Arora, Divya, Ravi, Srivaths, Raghunathan, Anand, Jha, Niraj K.
Format: Conference Proceeding
Language:English
Published: Washington, DC, USA IEEE Computer Society 07.03.2005
IEEE
Series:ACM Conferences
Subjects:
Communication system security
Computer architecture
Computer systems organization > Embedded and cyber-physical systems
Computer systems organization > Real-time systems
Data security
Embedded software
Embedded system
General and reference > Cross-computing tools and techniques > Verification
Hardware
Hardware > Hardware validation
Information security
Mathematics of computing > Discrete mathematics > Graph theory > Graph algorithms
Monitoring
National electric code
Runtime
Software and its engineering > Software creation and management > Software development process management
Software and its engineering > Software creation and management > Software verification and validation > Formal software verification
Software and its engineering > Software organization and properties > Software functional properties > Formal methods > Software verification
Theory of computation > Semantics and reasoning > Program reasoning > Program analysis
Theory of computation > Semantics and reasoning > Program reasoning > Program verification
Theory of computation > Semantics and reasoning > Program semantics
ISBN:9780769522883, 0769522882
ISSN:1530-1591
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Abstract Security is emerging as an important concern in embedded system design. The security of embedded systems is often compromised due to vulnerabilities in "trusted" software that they execute. Security attacks exploit these vulnerabilities to trigger unintended program behavior, such as the leakage of sensitive data or the execution of malicious code. In this work, we present a hardware-assisted paradigm to enhance embedded system security by detecting and preventing unintended program behavior. Specifically, we extract properties of an embedded program through static program analysis, and use them as the bases for enforcing permissible program behavior in real-time as the program executes. We present an architecture for hardware-assisted run-time monitoring, wherein the embedded processor is augmented with a hardware monitor that observes the processor's dynamic execution trace, checks whether the execution trace falls within the allowed program behavior, and flags any deviations from the expected behavior to trigger appropriate response mechanisms. We present properties that can be used to capture permissible program behavior at different levels of granularity within a program, namely inter-procedural control flow, intra-procedural control flow, and instruction stream integrity. We also present a systematic methodology to design application-specific hardware monitors for any given embedded program. We have evaluated the hardware requirements and performance of the proposed architecture for several embedded software benchmarks. Hardware implementations using a commercial design flow, and architectural simulations using the SimpleScalar framework, indicate that the proposed technique can thwart several common software and physical attacks, facilitating secure program execution with minimal overheads.
AbstractList Security is emerging as an important concern in embedded system design. The security of embedded systems is often compromised due to vulnerabilities in 'trusted'software that they execute. Security attacks exploit these vulnerabilities to trigger unintended program behavior, such as the leakage of sensitive data or the execution of malicious code. In this work, we present a hardware-assisted paradigm to enhance embedded system security by detecting and preventing unintended program behavior. Specifically, we extract properties of an embedded program through static program analysis, and use them as the bases for enforcing permissible program behavior in real-time as the program executes. We present an architecture for hardware-assisted run-time monitoring, wherein the embedded processor is augmented with a hardware monitor that observes the processor's dynamic execution trace, checks whether the execution trace falls within the allowed program behavior, and flags any deviations from the expected behavior to trigger appropriate response mechanisms. We present properties that can be used to capture permissible program behavior at different levels of granularity within a program, namely inter-procedural control flow, intra-procedural control flow, and instruction stream integrity. We also present a systematic methodology to design application-specific hardware monitors for any given embedded program. We have evaluated the hardware requirements and performance of the proposed architecture for several embedded software benchmarks. Hardware implementations using a commercial design flow, and architectural simulations using the SimpleScalar framework, indicate that the proposed technique can thwart several common software and physical attacks, facilitating secure program execution with minimal overheads.
Author Jha, Niraj K.
Raghunathan, Anand
Arora, Divya
Ravi, Srivaths
Author_xml – sequence: 1
  givenname: Divya
  surname: Arora
  fullname: Arora, Divya
  organization: Princeton University, Princeton, NJ
– sequence: 2
  givenname: Srivaths
  surname: Ravi
  fullname: Ravi, Srivaths
  organization: NEC Laboratories America, Princeton, NJ
– sequence: 3
  givenname: Anand
  surname: Raghunathan
  fullname: Raghunathan, Anand
  organization: NEC Laboratories America, Princeton, NJ
– sequence: 4
  givenname: Niraj K.
  surname: Jha
  fullname: Jha, Niraj K.
  organization: Princeton University, Princeton, NJ
BookMark eNqNkE1LAzEURQNWsNYuXbmZlSun5qOZJMtSqxUURes6ZJI37WhnUpMZxH9vSgW3vs2Fx-HCPado0PoWEDoneEIIVtc3s9ViQjHmE1oUR2ishMSiUJxSKdkADQlnOCdckRM0jvEdp2NqSgoxRMtXsH2AbNGU4By47Dl4CzHW7TrrNsH36022NMF9mQD5LP1jl6CXvs1XdQPZo2_rzodEn6HjymwjjH9zhN5uF6v5Mn94urufzx5yQ8W0y6WjRFDrMAdKQLDSSAN0agSppFOVIiWueEUJodY4YSuwmEmDWenoVDFJ2AhdHnp3wX_2EDvd1NHCdmta8H3ULI2VkhcJvDiANQDoXagbE741YYpzTv9qjG106f1H1ATrvU29t6n3NnWymcCrf4G6DDVU7AfX9HRp
ContentType Conference Proceeding
DBID 6IE
6IL
CBEJK
RIE
RIL
7SC
8FD
JQ2
L7M
L~C
L~D
DOI 10.1109/DATE.2005.266
DatabaseName IEEE Electronic Library (IEL) Conference Proceedings
IEEE Xplore POP ALL
IEEE Xplore All Conference Proceedings
IEEE/IET Electronic Library
IEEE Proceedings Order Plans (POP All) 1998-Present
Computer and Information Systems Abstracts
Technology Research Database
ProQuest Computer Science Collection
Advanced Technologies Database with Aerospace
Computer and Information Systems Abstracts – Academic
Computer and Information Systems Abstracts Professional
DatabaseTitle Computer and Information Systems Abstracts
Technology Research Database
Computer and Information Systems Abstracts – Academic
Advanced Technologies Database with Aerospace
ProQuest Computer Science Collection
Computer and Information Systems Abstracts Professional
DatabaseTitleList Computer and Information Systems Abstracts
Database_xml – sequence: 1
  dbid: RIE
  name: IEEE/IET Electronic Library
  url: https://ieeexplore.ieee.org/
  sourceTypes: Publisher
DeliveryMethod fulltext_linktorsrc
Discipline Engineering
Computer Science
EndPage 183
ExternalDocumentID 1395552
Genre orig-research
Conference Paper
GroupedDBID 6IE
6IF
6IK
6IL
6IN
AAJGR
AARBI
ACM
ADPZR
ALMA_UNASSIGNED_HOLDINGS
APO
BEFXN
BFFAM
BGNUA
BKEBE
BPEOZ
CBEJK
GUFHI
OCL
RIB
RIC
RIE
RIL
123
29F
29O
6IH
AAWTH
ABLEC
ADZIZ
CHZPO
FEDTE
IEGSK
IPLJI
KZ1
LMP
M43
RNS
7SC
8FD
JQ2
L7M
L~C
L~D
ID FETCH-LOGICAL-a274t-8d2172cd05e21e73ba8ae24a71f8d9f91b0f5f2112cad7cfec038a03bd2493813
IEDL.DBID RIE
ISBN 9780769522883
0769522882
ISICitedReferencesCount 69
ISICitedReferencesURI http://www.webofscience.com/api/gateway?GWVersion=2&SrcApp=Summon&SrcAuth=ProQuest&DestLinkType=CitingArticles&DestApp=WOS_CPL&KeyUT=000228086900033&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D
ISSN 1530-1591
IngestDate Thu Jul 10 18:42:41 EDT 2025
Wed Aug 27 02:14:00 EDT 2025
Wed Jan 31 06:48:15 EST 2024
Wed Jan 31 06:38:23 EST 2024
IsPeerReviewed false
IsScholarly true
Language English
LinkModel DirectLink
MeetingName DATE05: Design, Automation and Test in Europe
MergedId FETCHMERGED-LOGICAL-a274t-8d2172cd05e21e73ba8ae24a71f8d9f91b0f5f2112cad7cfec038a03bd2493813
Notes SourceType-Conference Papers & Proceedings-1
ObjectType-Conference Paper-1
content type line 25
PQID 31538856
PQPubID 23500
PageCount 6
ParticipantIDs acm_books_10_1109_DATE_2005_266
proquest_miscellaneous_31538856
acm_books_10_1109_DATE_2005_266_brief
ieee_primary_1395552
PublicationCentury 2000
PublicationDate 20050307
20050000
PublicationDateYYYYMMDD 2005-03-07
2005-01-01
PublicationDate_xml – month: 03
  year: 2005
  text: 20050307
  day: 07
PublicationDecade 2000
PublicationPlace Washington, DC, USA
PublicationPlace_xml – name: Washington, DC, USA
PublicationSeriesTitle ACM Conferences
PublicationTitle Design, Automation and Test in Europe
PublicationTitleAbbrev DATE
PublicationYear 2005
Publisher IEEE Computer Society
IEEE
Publisher_xml – name: IEEE Computer Society
– name: IEEE
SSID ssj0000394167
ssj0005329
Score 1.9269538
Snippet Security is emerging as an important concern in embedded system design. The security of embedded systems is often compromised due to vulnerabilities in...
SourceID proquest
ieee
acm
SourceType Aggregation Database
Publisher
StartPage 178
SubjectTerms Communication system security
Computer architecture
Computer systems organization -- Embedded and cyber-physical systems
Computer systems organization -- Real-time systems
Data security
Embedded software
Embedded system
General and reference -- Cross-computing tools and techniques -- Verification
Hardware
Hardware -- Hardware validation
Information security
Mathematics of computing -- Discrete mathematics -- Graph theory -- Graph algorithms
Monitoring
National electric code
Runtime
Software and its engineering -- Software creation and management -- Software development process management
Software and its engineering -- Software creation and management -- Software verification and validation -- Formal software verification
Software and its engineering -- Software organization and properties -- Software functional properties -- Formal methods -- Software verification
Theory of computation -- Semantics and reasoning -- Program reasoning -- Program analysis
Theory of computation -- Semantics and reasoning -- Program reasoning -- Program verification
Theory of computation -- Semantics and reasoning -- Program semantics
Title Secure Embedded Processing through Hardware-Assisted Run-Time Monitoring
URI https://ieeexplore.ieee.org/document/1395552
https://www.proquest.com/docview/31538856
WOSCitedRecordID wos000228086900033&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D
hasFullText 1
inHoldings 1
isFullTextHit
isPrint
link http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwlV1JT-wwDLYAcYALu96w5gA3Am3TkvSIWMQBIQ68J25RFkfiMB3UmYG_j5N2BiSQnri16ha5ju3Pif0BHAtjJTnmkkCOtbxUFrkKVvFQSG9LSy4hFdL-u5cPD-r5uX5cgNN5LQwips1neBYP01q-H7lpTJWdU7RSVRUZ3EUpZVerNc-nZKIuU1H3bHuHSAxlNKEzTi477yB7TeEGxZR9553Zufhsvnl-ffl006Vaitg5cdG4YU-88s1aJxd0u_a7wa_D9mctH3uce6kNWMBmE9ZmZA6sn9ubsPqlM-EW3KU8PDIcWiTT5NlrV1BAF1lP7cNivda7aZFT_B2VxbN22vBIVs-GyVLEV23D39ubp6s73pMucEMAdcKVj5RVzmcVFjlKYY0yWJRG5kH5OtS5zUIVCDYWznjpArpMKJMJ6wnIkfsXO7DUjBr8A6zIHUWXASmi8KQOwtZGOoqfREEqobJyAEckXR3RxFgnMJLVOso_cmNWmuQ_gJP_3KFt-4JhAFtR4Pq169Che1nTB2Z_TNOsiUshpsHRdKxFNPSqutj9-cE9WEktWlOqZR-WJu0UD2DZvU1exu1hUrwP9JLOvQ
linkProvider IEEE
linkToHtml http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwlV1LT9wwEB5RWqn0wlssLeAD3DAkcUKcY1VAW3W74rAgbpYfY2kPm0XZXfj7jJ3sUolKVW-J8rIm45lvxp75AE6FNiU55pyCHGN4Lg1y6Y3kPiudyQ25hFhI-zAoh0P5-FjdrcH5qhYGEePmM7wIh3Et303tIqTKLgmtFEVBBvdjkedZ2lZrrTIqiajyWNa93OAhIkcZTemEk9NO26C9IsBBqLLrvbM8F2_tNy-vv49u2mRLFnonftB20lGvvLPX0Qndbv7f8Ldg762aj92t_NQ2rGG9A5tLOgfWze4d-PJHb8Jd6MdMPDKcGCTj5NhTW1JAF1lH7sNCxdaLbpATAg_q4lizqHmgq2eTaCvCq_bg_vZm9KPPO9oFrilEnXPpAmmVdUmBWYqlMFpqzHJdpl66ylepSXzhKXDMrHal9WgTIXUijKNQjgCA2If1elrjAbAstYQvPRKmcKQQwlS6tISgREZKIZO8ByckXRXiiZmK4UhSqSD_wI5ZKJJ_D87-cYcyzRh9D3aDwNVT26NDdbKmDyz_mKJ5ExZDdI3TxUyJYOplcXX49wdP4HN_9HugBj-Hv77CRmzYGhMv32B93izwCD7Z5_l41hxHJXwF5njSBA
openUrl ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=proceeding&rft.title=Proceedings+of+the+conference+on+Design%2C+Automation+and+Test+in+Europe+-+Volume+1&rft.atitle=Secure+Embedded+Processing+through+Hardware-Assisted+Run-Time+Monitoring&rft.au=Arora%2C+Divya&rft.au=Ravi%2C+Srivaths&rft.au=Raghunathan%2C+Anand&rft.au=Jha%2C+Niraj+K.&rft.series=ACM+Conferences&rft.date=2005-03-07&rft.pub=IEEE+Computer+Society&rft.isbn=9780769522883&rft.spage=178&rft.epage=183&rft_id=info:doi/10.1109%2FDATE.2005.266
thumbnail_l http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/lc.gif&issn=1530-1591&client=summon
thumbnail_m http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/mc.gif&issn=1530-1591&client=summon
thumbnail_s http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/sc.gif&issn=1530-1591&client=summon