EMBEDDED SYSTEMS SECURITY
SoMiC Workshop 2012
Presented By,
Satyajeet Nimgaonkar Email: [email protected]
1 04/09/2012 UNT CSCE SoMiC Workshop 2012
Agenda
• What are Embedded Systems?
• Security issues in embedded systems.
• Security solutions.
• Hardware Security Architectures.
• Embedded system constraints.
• Motivation
• Proposed Energy Efficient Security Mechanism.
• State-of-the-Art.
• Summary & Conclusions.
What are Embedded systems?
• Dedicated system designed to serve a specific sub-task within a
larger system.
Characteristics:
• High-performance systems, flexible enough to perform a variety of
computing tasks in a cost-effective manner.
• Modern day embedded devices are often miniaturized, portable and highly
interconnected.
• Capable of tracking, storing information and even transmitting essential data
over the Internet.
• Embedded systems have become ubiquitous in this era of computing.
• They access, store and communicate sensitive information like secret passwords,
credit card numbers and bank account numbers etc.
• Hence security is essential.
Security issues in embedded systems
• The operating environment allows the adversary complete control of the
computing node: supervisory privileges along with the ability to observe
physical and architectural objects.
• Also vulnerable to software-based and network-based attacks.
Current Security Scenario
• Symantec Internet Security Threat Report (2010):
  - 286M+ threats.
  - 93% increase in Web attacks.
  - 260,000 identities exposed per data breach.
  - 42% more vulnerabilities in mobile.
  - $0.07 to $100 price range for each stolen credit card number.
• Mobile and Smart Device Security Survey (2011):
  - 65% of corporate personnel require regular attention from their IT staff
for attacks on non-PC devices.
• Wall Street Journal Report (2008):
  - Cyberspies have recently penetrated the U.S. electrical grid system and left
behind software that could be used to disrupt it at a future date.
Possible security solutions
• Software Security Solutions
  - Software Obfuscation.
  - Software Watermarking.
• Pros
  - Easy to build.
  - Flexible to modify.
• Cons
  - Huge code-base.
  - No root of trust.
• Hardware Security Solutions
  - TPM.
  - Security Architectures etc.
• Pros
  - Better reliability.
  - Trustworthy root-of-trust.
• Cons
  - Difficult to test and build.
  - Difficult to modify.
  - Costly.
Secure Architectures
[Figure] Example: AEGIS Hardware Security Architecture
Reference: Suh, G.E.; O'Donnell, C.W.; Devadas, S., "Aegis: A Single-Chip Secure Processor," IEEE Design & Test of Computers,
vol. 24, no. 6, pp. 570-580, Nov.-Dec. 2007, doi: 10.1109/MDT.2007.179
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=4397182&isnumber=4397167
Security mechanisms
Encryption/Decryption
• Process of transforming information to make it unreadable to unwanted
entities.
• C = E_K(M) and M = D_K(C).
• Provides confidentiality to data.
• Common algorithms: AES, DES, RC2 etc.
Security mechanisms cont…
Memory Integrity Verification
• Achieved with Merkle Hash Trees.
• Data is located at the leaves.
• Internal nodes = Hash(concatenation of its children).
• Root is stored in secure memory where it cannot be tampered with.
Embedded system constraints
• Severe constraints on energy consumption, area, performance, speed and lifetime.
• Hardware security mechanisms are computationally intensive and account for excessive energy consumption.
Reference: N. R. Potlapally, S. Ravi, A. Raghunathan, N. K. Jha, "Analyzing the energy consumption of security protocol," ISLPED.
Motivation
• Concentrate on the Memory Integrity Verification (MIV) mechanism and design
novel schemes to make it energy efficient.
• Proposed a novel energy efficient MIV mechanism for embedded systems,
based on sensors.
• Published in the proceedings of the International Symposium on Electronic System
Design (ISED), 2011.
Proposed mechanism
• Embedded systems typically employ several sensors to interact with their
environment.
• [1], [2] and [3] deploy hardware sensors to measure power dissipation and
thermal dissipation in the CPU.
• Similarly, [3] makes use of a current Sensor Module to predict the power
consumption of their architecture.
• The intuition is to use these sensors to detect any physical attack on the memory.
• Integrity verification is performed only when an attack is detected.
References:
[1] Dongkeun Oh, Nam Sung Kim, Charlie Chung Ping Chen, Azadeh Davoodi, and Yu Hen Hu. Runtime temperature-based
power estimation for optimizing throughput of thermal-constrained multi-core processors. Proceedings of the 2010 Asia and South
Pacific Design Automation Conference (ASPDAC'10), 2010.
[2] Rich McGowen, Christopher A. Poirier, Chris Bostak, Jim Ignowski, Mark Millican, Warren H. Parks, and Samuel Naffziger.
Power and temperature control on a 90-nm Itanium family processor. IEEE Journal of Solid-State Circuits, 41(1), 2006.
[3] Lide Zhang, Lan S. Bai, Robert P. Dick, Li Shang, and Russ Joseph. Process variation characterization of chip-level
multiprocessors. DAC'09, 2009.
[4] R. Muresan, Y. Zhanrong, H. Vahedi, and S. Gregori. Power-smart system-on-chip architecture for embedded cryptosystems.
CODES+ISSS, 2005.
Proposed Architecture
Proposed architecture cont…
[Figure] Write Operation / Read Operation
Proposed architecture cont…
• This Detect and Protect mechanism creates multiple hash trees for
verification.
• The verification terminates once the memory block’s hash is verified.
• This creates multiple Disjoint Hash Trees in the memory.
Energy Consumption Model
• We propose a probabilistic model to estimate the average number of hash
invocations.
• It is based on whether the hash of a block of memory is present in the cache or
not.
• The corresponding probabilities are those of a cache hit and a cache miss.
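As an added example (not from the slides, the ISED paper or the Aegis paper), the following Python models the Merkle-tree MIV of the "Security mechanisms" slides together with the cache-driven early termination described here: only the root lives in secure memory, node hashes verified against it are cached on-chip, verification stops at a cached node, and hash invocations are counted as the energy proxy. SHA-256, the power-of-two block layout, the cache policy and all names are my assumptions.

```python
import hashlib

def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

class MerkleMIV:
    """Merkle-tree memory integrity verification with a trusted hash cache.
    Leaves hash the memory blocks, internal nodes hash their two children, and
    only the root sits in tamper-proof on-chip memory. Node hashes already
    verified against the root are cached on-chip, so a later check can stop
    at a cached node instead of climbing to the root (disjoint hash trees)."""

    def __init__(self, blocks):
        n = len(blocks)
        assert n > 0 and n & (n - 1) == 0, "block count must be a power of two"
        self.n, self.memory = n, list(blocks)       # untrusted off-chip data blocks
        self.tree = [b""] * (2 * n)                 # untrusted storage of node hashes
        for i, b in enumerate(blocks):
            self.tree[n + i] = H(b)
        for i in range(n - 1, 0, -1):
            self.tree[i] = H(self.tree[2 * i] + self.tree[2 * i + 1])
        self.root = self.tree[1]                    # secure on-chip memory
        self.cache = set()                          # trusted on-chip hash cache
        self.hash_calls = 0                         # proxy for energy spent

    def _parent(self, node, digest):
        """Hash this node with its sibling, which is read from untrusted storage."""
        self.hash_calls += 1
        sib = self.tree[node ^ 1]
        return H(digest + sib) if node % 2 == 0 else H(sib + digest)

    def verify(self, index):
        node, path = self.n + index, []
        self.hash_calls += 1
        digest = H(self.memory[index])
        while node > 1 and digest not in self.cache:  # early exit at a cached node
            path.append(digest)
            digest, node = self._parent(node, digest), node // 2
        ok = digest in self.cache or digest == self.root
        if ok:
            self.cache.update(path)                 # whole path is now trusted
        return ok

def demo():
    """Constructed 8-block memory: full check, cached check, then a tamper."""
    miv = MerkleMIV([bytes([i]) * 32 for i in range(8)])
    ok0, c0 = miv.verify(0), miv.hash_calls      # leaf + 3 levels = 4 hashes
    ok1, c1 = miv.verify(1), miv.hash_calls      # leaf, then cached parent = 2
    miv.memory[5] = b"\xff" * 32                 # off-chip memory altered behind the CPU's back
    return ok0, c0, ok1, c1 - c0, miv.verify(5)  # (True, 4, True, 2, False)
```

The second check of a neighbouring block costs two hashes instead of four because its parent hash is already trusted, which is the saving the probabilistic cache-hit model above estimates.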
Results and Analysis
Simulation Framework
• Based on the SimpleScalar tool set, configured to execute Alpha binaries.
• Simulations were performed using the cache-based simulator sim-cache on
SPEC2k benchmarks.
Cache Configurations
• Modeled on ARM cache configurations.
• L1-D Cache: 8KB, 2-way, 32B Line
• L1-I Cache: 16KB, 2-way, 32B Line
• L2-D Cache & L2-I: None
Experimental Setup
• Identified two false positives based on the working of the MIV and the sensor:
the Random block, used to predict the infected memory block, and the Window size,
used to predict the number of memory accesses required for the MIV to function.
• Random block size: 16, 20 and 24 bits; Window size: 2000, 8000 and
15000 memory accesses.
• A random attack seed of the same size as the block size is embedded.
• The number of disjoint trees represents the number of secrets that can be stored
on-chip; varied over 3 values: 16, 64 and 128.
• Simulations conducted for all 27 possible combinations.
Simulation Algorithm
1. Inputs: Random block size, Window size, No. of Disjoint trees.
2. Sensor monitors the system to detect an attack.
3. If Random attack seed == Random Block (there is an anomaly):
   a. Invoke MIV for the given Window size; generate disjoint trees.
   b. During this, keep repeating steps 2 & 3.
   c. If there is a match again (the anomaly persists): extend the Window size;
      keep generating disjoint trees.
   d. Else the anomaly has subsided: de-couple the MIV; keep repeating step 2.
Results
[Figures] Base case results; Average Energy Saved in % for 16, 64 and 128 Disjoint Trees
State-of-the-art
Architectural Approaches

| Authors | Proposed | Limitations |
|---|---|---|
| Shi et al. | Authentication Speculative Execution to authenticate shared memory. | 5% energy degradation. |
| Catherine et al. | Model for key masking. | 2.5% overhead savings. |
| Muresan et al. | Power-Smart System-On-Chip Architecture. | Overhead of 12% of the total power. |
| Roger et al. | Protect integrity of software by signing each instruction block. | 5% performance overhead and 12.5% memory overhead. |
| Gelbart et al. | Architectural approach to address memory spoofing attacks. | Performance overhead ranging between 4.5% and 26%. |
State-of-the-art cont…
Memory Encryption and Authentication Approaches

| Authors | Proposed | Limitations |
|---|---|---|
| Gassend et al. | CHash and LHash with varying cache block sizes. | Increases memory bandwidth requirements; high overhead. |
| Roger et al. | Address Independent Seed Encryption (AISE) is proposed along with Bonsai Merkle Trees (BMT). | Only 12% to 2% overhead savings. |
| Gordon-Ross et al. | Low overhead encryption algorithms and cache level tuning. | 53% energy savings. |
| Yan et al. | Split-counter scheme for memory encryption and authentication. | 20% overhead improvement. |
Summary and Conclusions
• There is always a trade-off between security and energy consumption in Embedded
Systems.
• Embedded devices are typically fast, miniaturized and specific to their application
and hence often pose severe energy constraints.
• As they now handle a lot of critical information, security is of utmost importance in
them.
• Therefore the need arises to design new security mechanisms so that their energy
consumption is minimal while still preserving the security of the system.
• With this motivation, we specifically focus on reducing the energy consumption of
Memory Integrity Verification mechanisms in embedded systems and propose an
energy efficient mechanism based on sensors that achieves energy saving in the range
of 88% - 99%.
Thank You
Any Questions?
Can email me at