Abstract
Conventionally, automotive embedded systems are assessed with respect to aspects such as safety, functionality, and real-time behaviour. However, the inclusion of security, which is becoming increasingly important in modern cars, has a significant impact on these aspects, especially on functionality and real-time behaviour. This impact is clearly visible in the functional model of the embedded system, because adding security features modifies the data flow in the system. The goal of this contribution is therefore to assess and evaluate the security aspect of such systems by exploiting their functional models. Such an assessment further establishes a possible relation between real-time formal analysis and existing security theory. For this, a formal approach well known in the real-time embedded domain is utilised.
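The following is an added illustration of the effect the abstract describes, not the paper's model, method or tool. It assumes (the paper does not state this) a single ECU with fixed-priority preemptive scheduling, implicit deadlines, and a data-flow path whose end-to-end latency is bounded by the sum of the response times of the tasks on it. The task set, the hypothetical `mac_verify`/`mac_sign` tasks that change the data flow, and the end-to-end deadline are all constructed. It shows that inserting security processing can leave every task individually schedulable while the functional path as a whole misses its deadline.

```python
"""Toy illustration: how inserting security processing into a data-flow path
changes its worst-case end-to-end latency.

Added example, not the paper's model or tool.  Assumptions (not from the
paper): one ECU, fixed-priority preemptive scheduling, implicit deadlines
(deadline == period), and a path latency bounded by the sum of the response
times of the tasks on the path (each task is activated when its predecessor
finishes; communication delay is ignored).  All task parameters are constructed.
"""
from dataclasses import dataclass
from math import ceil
from typing import Dict, List, Optional


@dataclass(frozen=True)
class Task:
    name: str
    wcet: int      # worst-case execution time, in time units
    period: int    # activation period; deadline is implicit (== period)
    priority: int  # larger value preempts smaller


def response_time(task: Task, taskset: List[Task]) -> Optional[int]:
    """Fixed-priority response-time recurrence
    R = C + sum_{j in hp} ceil(R / T_j) * C_j, iterated to a fixed point.
    Returns None if R exceeds the deadline (task unschedulable)."""
    higher = [t for t in taskset if t.priority > task.priority]
    r = task.wcet
    while True:
        r_next = task.wcet + sum(ceil(r / t.period) * t.wcet for t in higher)
        if r_next > task.period:
            return None
        if r_next == r:
            return r
        r = r_next


def analyse(taskset: List[Task]) -> Dict[str, Optional[int]]:
    return {t.name: response_time(t, taskset) for t in taskset}


def path_latency(path: List[str], rts: Dict[str, Optional[int]]) -> Optional[int]:
    """Conservative end-to-end bound along a data-flow path: each hop waits at
    most the response time of its task.  None if any hop is unschedulable."""
    total = 0
    for name in path:
        if rts[name] is None:
            return None
        total += rts[name]
    return total


# Constructed functional model: sensor data flows through a controller to an
# actuator; a diagnostics task shares the ECU.
BASELINE = [
    Task("sensor_in",    wcet=2, period=10, priority=6),
    Task("control",      wcet=3, period=10, priority=4),
    Task("actuator_out", wcet=1, period=10, priority=2),
    Task("diag",         wcet=4, period=40, priority=1),
]
BASELINE_PATH = ["sensor_in", "control", "actuator_out"]

# Security variant: the data flow is modified by a MAC check on the incoming
# sensor frame and a MAC on the outgoing actuator command (hypothetical tasks).
SECURED = BASELINE + [
    Task("mac_verify", wcet=1, period=10, priority=5),
    Task("mac_sign",   wcet=1, period=10, priority=3),
]
SECURED_PATH = ["sensor_in", "mac_verify", "control", "mac_sign", "actuator_out"]

END_TO_END_DEADLINE = 20  # constructed requirement on the sensor-to-actuator path


def compare() -> Dict[str, object]:
    """Evaluate the same functional path before and after adding security."""
    base = path_latency(BASELINE_PATH, analyse(BASELINE))
    sec = path_latency(SECURED_PATH, analyse(SECURED))
    return {
        "baseline_latency": base,
        "secured_latency": sec,
        "baseline_meets_deadline": base is not None and base <= END_TO_END_DEADLINE,
        "secured_meets_deadline": sec is not None and sec <= END_TO_END_DEADLINE,
    }


if __name__ == "__main__":
    for name, rt in analyse(SECURED).items():
        print(f"{name:13s} R = {rt}")
    print(compare())
```

In this constructed case every task, including `diag`, still meets its own deadline after the two MAC tasks are added, but the sensor-to-actuator path latency doubles (13 to 26 time units) and violates the 20-unit end-to-end requirement. That is the kind of effect that is only visible once the security features are represented in the functional (data-flow) model rather than assessed in isolation.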
© 2013 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Stierand, I., Malipatlolla, S. (2013). Exploiting Functional Models to Assess the Security Aspect in Embedded System Design. In: Thampi, S.M., Atrey, P.K., Fan, C.I., Perez, G.M. (eds) Security in Computing and Communications. SSCC 2013. Communications in Computer and Information Science, vol 377. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-40576-1_10
DOI: https://doi.org/10.1007/978-3-642-40576-1_10
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-40575-4
Online ISBN: 978-3-642-40576-1