Abstract
Secure communication between two entities in a system is mandatory to protect the trustworthiness of the system. For example, consider an embedded system inside an automobile in which two Electronic Control Units (ECUs) attached to a bus communicate with each other. Such a system is reasonably secure against attacks by one ECU on the other, because the two ECUs, and thus the tasks executing on them, are physically separated by design. This is not the case when two tasks, one of them safety/security critical, execute in parallel on the same ECU: sharing a resource such as the local memory opens an opportunity for the tasks to influence each other. The goal of this contribution is therefore to establish a secure isolation between such tasks, preventing unauthorized communication between them and thereby building a trusted embedded system. Approaches to this issue exist in the literature, for example those based on virtualization technology, but they are either purely software-based or not suitable for embedded systems. In contrast, the approach proposed here is hardware-based, which is more secure, and lightweight in its design. Specifically, it utilizes a security module with a minimal set of Trusted Computing (TC) technology features tailored to the needs of a resource-constrained embedded system. A proof-of-concept implementation of the proposed approach is also presented to illustrate the feasibility of the design.
Copyright information
© 2013 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Malipatlolla, S. (2013). A Novel Approach for a Hardware-Based Secure Process Isolation in an Embedded System. In: Thampi, S.M., Atrey, P.K., Fan, CI., Perez, G.M. (eds) Security in Computing and Communications. SSCC 2013. Communications in Computer and Information Science, vol 377. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-40576-1_1
DOI: https://doi.org/10.1007/978-3-642-40576-1_1
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-40575-4
Online ISBN: 978-3-642-40576-1