  • DocumentCode
    2588056
  • Title
    Compiler/hardware assisted application code and data security in embedded systems
  • Author
    Chunguang Bu ; Xiang Wang ; Chi Zhang ; Jizhong Liu ; Xiaodong Wang ; Baosen Li
  • Author_Institution
    Sch. of Electron. & Inf. Eng., Beihang Univ., Beijing, China
  • fYear
    2009
  • fDate
    23-29 Oct. 2009
  • Abstract
    Embedded systems have stepped deeper into integrated avionics systems, and security is becoming an important concern. Most embedded systems present a number of software vulnerabilities, such as buffer overflows. Furthermore, the rapid growth and pervasive use of embedded systems make it easier for a sophisticated attacker to gain physical access to launch physical attacks on insecure off-chip main memory. This paper presents a novel compiler/hardware assisted application code and data protection architecture (CHCDP) to monitor the execution of an application. The compiler extracts the control flow and static data integrity validation information using hashing and cyclical redundancy check (CRC) integrity algorithms at compile time. The dynamic data integrity validation is generated in the process of application execution. Likewise, the function return address and frame point are also protected at runtime. The designed hardware observes the application's dynamic execution trace and checks whether the trace conforms to the permissible behavior, and it triggers appropriate response mechanisms if it finds a mismatch. An OR1200 processor is assigned to build a system on a programmable chip (SOPC) that implements the architectural design. The experimental analysis shows that the proposed techniques can eliminate a wide range of common software and physical attacks with low performance penalties and minimal overheads.
  • Keywords
    buffer storage; cyclic redundancy check codes; embedded systems; microprocessor chips; program compilers; program control structures; security of data; system-on-chip; CRC integrity algorithm; OR1200 processor; architectural design; buffer overflow; compiler; control flow; cyclical redundancy check; data protection architecture; data security; dynamic data integrity validation; dynamic execution trace; embedded system; hardware assisted application code; hashing; off-chip main memory; physical attack; software vulnerability; static data integrity validation information; system on a programmable chip; Aerospace electronics; Application software; Buffer overflow; Computer architecture; Cyclic redundancy check; Data security; Embedded software; Embedded system; Hardware; Protection;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Digital Avionics Systems Conference, 2009. DASC '09. IEEE/AIAA 28th
  • Conference_Location
    Orlando, FL
  • Print_ISBN
    978-1-4244-4078-8
  • Type
    conf
  • DOI
    10.1109/DASC.2009.5347415
  • Filename
    5347415