Secure and Trusted Application Execution on Embedded Devices

  • Conference paper

In: Innovative Security Solutions for Information Technology and Communications (SECITC 2015)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 9522)

Abstract

Embedded devices have permeated our daily lives, and many mundane day-to-day tasks involve a number of embedded systems. These include smart cards, sensors in vehicles and industrial automation systems. Satisfying the requirements for trusted, reliable and secure embedded devices is more vital than ever before. This urgency is further strengthened by the potential advent of the Internet of Things and Cyber-Physical Systems. As our reliance on these devices increases, the significance of potential threats should not be underestimated, especially as a number of embedded devices are built to operate in malicious environments, where they might be in the possession of an attacker. The challenge of building secure and trusted embedded devices is paramount. In this paper, we examine the security threats to embedded devices along with the associated prevention mechanisms. We also present a holistic approach to the security and trust of embedded devices, from the hardware design and the reliability and trust of the runtime environment to the integrity and trustworthiness of the executing applications. The proposed protection mechanisms provide a high degree of security at a minimal computational cost. Such an agnostic view of the security and trust of embedded devices can be pivotal in their adoption and in trust acquisition from the general public and service providers.


Notes

  1. Website: http://www.merriam-webster.com/dictionary/trust.

  2. Trusted Computing Group (TCG) is the culmination of industrial efforts that included the Trusted Computing Platform Association (TCPA), Microsoft’s Palladium, later called Next Generation Computing Base (NGSCB), and Intel’s LaGrande. All of them proposed how to ascertain trust in a device’s state in a distributed environment. These efforts were combined in the TCG specification that resulted in the proposal of TPM.

Corresponding author

Correspondence to Raja Naeem Akram.

Copyright information

© 2015 Springer International Publishing Switzerland

Cite this paper

Markantonakis, K., Akram, R.N., Msgna, M.G. (2015). Secure and Trusted Application Execution on Embedded Devices. In: Bica, I., Naccache, D., Simion, E. (eds) Innovative Security Solutions for Information Technology and Communications. SECITC 2015. Lecture Notes in Computer Science, vol 9522. Springer, Cham. https://doi.org/10.1007/978-3-319-27179-8_1

  • DOI: https://doi.org/10.1007/978-3-319-27179-8_1

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-27178-1

  • Online ISBN: 978-3-319-27179-8
