Topics in Secure Embedded System Design
Pervasive networks have led to widespread use of embedded systems, like cell phones, PDAs, RFIDs etc., in increasingly diverse applications. Many of these embedded system appli- cations handle sensitive data (e.g., credit card information on a mobile phone/PDA) or perform critical functions (e.g., medical devices or automotive electronics), and the use of security protocols is imperative to maintain con dentiality, integrity and authentication of these applications. Typically embedded systems have low computing power and nite energy supply based on a battery, and these factors are at odds with the computationally intensive nature of the cryptographic algorithms underlying many security protocols. In addition, secure embedded systems are vulnerable to attacks, like physical tampering, malware and side-channel attacks. Thus, design of secure embedded systems is guided by the following factors: small form factor, good performance, low energy consumption (and, thus,longer battery life), and robustness to attacks. This thesis presents our work on tackling three issues in the design of secure embedded systems: energy consumption, performance and robustness to side-channel attacks. First, we present our work on optimizing the energy consumption of the widely employed secure sockets layer (SSL) protocol running on an embedded system. We discuss results of energy analysis of various cryptographic algorithms, and the manner in which this information can be used to adapt the operation of SSL protocol to save energy. Next, we present results of our experiments on optimizing the performance of Internet protocol security (IPSec) protocol on an embedded processor. Depending on the mode of operation, the IPSec computation is dominated by cryptographic or non-cryptographic processing. We demonstrate how both these components of the IPSec protocol can be optimized by leveraging the extensible and con gurable features of an embedded processor. Next, we introduce a satisfability-based framework for enabling side-channel attacks on cryptographic software running on an embedded processor. This framework enables us to identify variables in the software implementations which result in the disclosure of the secret key used. Thus, security of software implementations can be improved by better protection of these identified variables. Finally, we conclude by introducing a novel memory integrity checking protocol that has much lower communication complexity than existing Merkle tree-based protocols while incurring a modest price in computation on the processor. This scheme is based on Toeplitz matrices, and can be very efficiently realized on embedded systems with hardware extensions for bit matrix operations.
Electrical Ground Rules Part 2
Best Practices for Grounding Your Electrical Equipment Examining our use of ground as protection, and how ground fault circuit interrupter devices operate to protect us from severe shock (Part 2 of 3)
Electrical Ground Rules Part 3
Best Practices for Grounding Your Electrical Equipment Examining the role of ground as a voltage stabilizer and transient limiter, along with tips on improving safety and signal integrity (Part 3 of 3)
Five Steps to Improving Security in Embedded Systems
In today’s increasingly interconnected world, security breaches are becoming ever more prevalent, with escalating complexity challenges. How can embedded device developers balance the need for tighter security with competing business and market demands? This paper outlines five steps for building additional security assurance into embedded devices by considering the whole product lifecycle.
Electrical Ground Rules Part 1
Best Practices for Grounding Your Electrical Equipment A look at circuit grounding and its importance to you, as well as the US AC power system and its use of earth ground (Part 1 of 3)
Freescale Trust Computing and Security in the Smart Grid
With the increasing deployment of automated technical solutions in the implementation of automated metering reading (AMR), advanced metering infrastructure (AMI) and smart grid infrastructure, possibilities of security attacks like data hacking, introducing malware in the system and cyber attacks are on the rise as well. Vulnerabilities in AMI devices include non-secure data buses, serial connections or remote access to debug port. The question arises: how can data security and customer privacy in smart meters and smart energy gateways be ensured? This paper talks about how trusted computing helps resolve security issues in implementing the smart grid by providing a clear idea of what elements of the system are trusted—and to what level and why. Freescale solutions that embed trusted computing are also covered.
Transforming 64-Bit Windows to Deliver Software-Only Real-Time Performance
Next-generation industrial, vision, medical and other systems seek to combine highend graphics and rich user interfaces with hard real-time performance, prioritization and precision.Today’s industrial PCs running 64-bit Windows, complemented by a separate scheduler on multicore multiprocessors, can deliver that precise real-time performance on software-defined peripherals.
Interface Protection for HDMI
The High-Definition Multimedia Interface (HDMI) combines a high-speed unidirectional TMDS data link with low speed, bidirectional control and status links (DDC and CEC) and configuration protocols in a single user-friendly highperformance connector.
Five Steps to Improving Security in Embedded Systems
In today’s increasingly interconnected world, security breaches are becoming ever more prevalent, with escalating complexity challenges. How can embedded device developers balance the need for tighter security with competing business and market demands? This paper outlines five steps for building additional security assurance into embedded devices by considering the whole product lifecycle.
Interface Protection for HDMI
The High-Definition Multimedia Interface (HDMI) combines a high-speed unidirectional TMDS data link with low speed, bidirectional control and status links (DDC and CEC) and configuration protocols in a single user-friendly highperformance connector.
Transforming 64-Bit Windows to Deliver Software-Only Real-Time Performance
Next-generation industrial, vision, medical and other systems seek to combine highend graphics and rich user interfaces with hard real-time performance, prioritization and precision.Today’s industrial PCs running 64-bit Windows, complemented by a separate scheduler on multicore multiprocessors, can deliver that precise real-time performance on software-defined peripherals.
Electrical Ground Rules Part 3
Best Practices for Grounding Your Electrical Equipment Examining the role of ground as a voltage stabilizer and transient limiter, along with tips on improving safety and signal integrity (Part 3 of 3)
Electrical Ground Rules Part 2
Best Practices for Grounding Your Electrical Equipment Examining our use of ground as protection, and how ground fault circuit interrupter devices operate to protect us from severe shock (Part 2 of 3)
Electrical Ground Rules Part 1
Best Practices for Grounding Your Electrical Equipment A look at circuit grounding and its importance to you, as well as the US AC power system and its use of earth ground (Part 1 of 3)
Freescale Trust Computing and Security in the Smart Grid
With the increasing deployment of automated technical solutions in the implementation of automated metering reading (AMR), advanced metering infrastructure (AMI) and smart grid infrastructure, possibilities of security attacks like data hacking, introducing malware in the system and cyber attacks are on the rise as well. Vulnerabilities in AMI devices include non-secure data buses, serial connections or remote access to debug port. The question arises: how can data security and customer privacy in smart meters and smart energy gateways be ensured? This paper talks about how trusted computing helps resolve security issues in implementing the smart grid by providing a clear idea of what elements of the system are trusted—and to what level and why. Freescale solutions that embed trusted computing are also covered.
Topics in Secure Embedded System Design
Pervasive networks have led to widespread use of embedded systems, like cell phones, PDAs, RFIDs etc., in increasingly diverse applications. Many of these embedded system appli- cations handle sensitive data (e.g., credit card information on a mobile phone/PDA) or perform critical functions (e.g., medical devices or automotive electronics), and the use of security protocols is imperative to maintain con dentiality, integrity and authentication of these applications. Typically embedded systems have low computing power and nite energy supply based on a battery, and these factors are at odds with the computationally intensive nature of the cryptographic algorithms underlying many security protocols. In addition, secure embedded systems are vulnerable to attacks, like physical tampering, malware and side-channel attacks. Thus, design of secure embedded systems is guided by the following factors: small form factor, good performance, low energy consumption (and, thus,longer battery life), and robustness to attacks. This thesis presents our work on tackling three issues in the design of secure embedded systems: energy consumption, performance and robustness to side-channel attacks. First, we present our work on optimizing the energy consumption of the widely employed secure sockets layer (SSL) protocol running on an embedded system. We discuss results of energy analysis of various cryptographic algorithms, and the manner in which this information can be used to adapt the operation of SSL protocol to save energy. Next, we present results of our experiments on optimizing the performance of Internet protocol security (IPSec) protocol on an embedded processor. Depending on the mode of operation, the IPSec computation is dominated by cryptographic or non-cryptographic processing. We demonstrate how both these components of the IPSec protocol can be optimized by leveraging the extensible and con gurable features of an embedded processor. Next, we introduce a satisfability-based framework for enabling side-channel attacks on cryptographic software running on an embedded processor. This framework enables us to identify variables in the software implementations which result in the disclosure of the secret key used. Thus, security of software implementations can be improved by better protection of these identified variables. Finally, we conclude by introducing a novel memory integrity checking protocol that has much lower communication complexity than existing Merkle tree-based protocols while incurring a modest price in computation on the processor. This scheme is based on Toeplitz matrices, and can be very efficiently realized on embedded systems with hardware extensions for bit matrix operations.
Five Steps to Improving Security in Embedded Systems
In today’s increasingly interconnected world, security breaches are becoming ever more prevalent, with escalating complexity challenges. How can embedded device developers balance the need for tighter security with competing business and market demands? This paper outlines five steps for building additional security assurance into embedded devices by considering the whole product lifecycle.
Interface Protection for HDMI
The High-Definition Multimedia Interface (HDMI) combines a high-speed unidirectional TMDS data link with low speed, bidirectional control and status links (DDC and CEC) and configuration protocols in a single user-friendly highperformance connector.
Topics in Secure Embedded System Design
Pervasive networks have led to widespread use of embedded systems, like cell phones, PDAs, RFIDs etc., in increasingly diverse applications. Many of these embedded system appli- cations handle sensitive data (e.g., credit card information on a mobile phone/PDA) or perform critical functions (e.g., medical devices or automotive electronics), and the use of security protocols is imperative to maintain con dentiality, integrity and authentication of these applications. Typically embedded systems have low computing power and nite energy supply based on a battery, and these factors are at odds with the computationally intensive nature of the cryptographic algorithms underlying many security protocols. In addition, secure embedded systems are vulnerable to attacks, like physical tampering, malware and side-channel attacks. Thus, design of secure embedded systems is guided by the following factors: small form factor, good performance, low energy consumption (and, thus,longer battery life), and robustness to attacks. This thesis presents our work on tackling three issues in the design of secure embedded systems: energy consumption, performance and robustness to side-channel attacks. First, we present our work on optimizing the energy consumption of the widely employed secure sockets layer (SSL) protocol running on an embedded system. We discuss results of energy analysis of various cryptographic algorithms, and the manner in which this information can be used to adapt the operation of SSL protocol to save energy. Next, we present results of our experiments on optimizing the performance of Internet protocol security (IPSec) protocol on an embedded processor. Depending on the mode of operation, the IPSec computation is dominated by cryptographic or non-cryptographic processing. We demonstrate how both these components of the IPSec protocol can be optimized by leveraging the extensible and con gurable features of an embedded processor. Next, we introduce a satisfability-based framework for enabling side-channel attacks on cryptographic software running on an embedded processor. This framework enables us to identify variables in the software implementations which result in the disclosure of the secret key used. Thus, security of software implementations can be improved by better protection of these identified variables. Finally, we conclude by introducing a novel memory integrity checking protocol that has much lower communication complexity than existing Merkle tree-based protocols while incurring a modest price in computation on the processor. This scheme is based on Toeplitz matrices, and can be very efficiently realized on embedded systems with hardware extensions for bit matrix operations.
Transforming 64-Bit Windows to Deliver Software-Only Real-Time Performance
Next-generation industrial, vision, medical and other systems seek to combine highend graphics and rich user interfaces with hard real-time performance, prioritization and precision.Today’s industrial PCs running 64-bit Windows, complemented by a separate scheduler on multicore multiprocessors, can deliver that precise real-time performance on software-defined peripherals.
Electrical Ground Rules Part 1
Best Practices for Grounding Your Electrical Equipment A look at circuit grounding and its importance to you, as well as the US AC power system and its use of earth ground (Part 1 of 3)
Freescale Trust Computing and Security in the Smart Grid
With the increasing deployment of automated technical solutions in the implementation of automated metering reading (AMR), advanced metering infrastructure (AMI) and smart grid infrastructure, possibilities of security attacks like data hacking, introducing malware in the system and cyber attacks are on the rise as well. Vulnerabilities in AMI devices include non-secure data buses, serial connections or remote access to debug port. The question arises: how can data security and customer privacy in smart meters and smart energy gateways be ensured? This paper talks about how trusted computing helps resolve security issues in implementing the smart grid by providing a clear idea of what elements of the system are trusted—and to what level and why. Freescale solutions that embed trusted computing are also covered.
Electrical Ground Rules Part 3
Best Practices for Grounding Your Electrical Equipment Examining the role of ground as a voltage stabilizer and transient limiter, along with tips on improving safety and signal integrity (Part 3 of 3)
Electrical Ground Rules Part 2
Best Practices for Grounding Your Electrical Equipment Examining our use of ground as protection, and how ground fault circuit interrupter devices operate to protect us from severe shock (Part 2 of 3)
