DOI: 10.1145/2024724.2024782
research-article

Information flow isolation in I2C and USB

Published: 05 June 2011

Abstract

Flight control, banking, medical, and other high assurance systems have a strict requirement on correct operation. Fundamental to this is the enforcement of non-interference, where particular subsystems should not affect one another. In an effort to help guarantee this policy, recent work has emerged on tracking information flows at the hardware level. This article uses a specific method known as gate-level information flow tracking (GLIFT) to provide a methodology for testing information flows in two common bus protocols, I2C and USB. We show that the protocols do elicit unintended information flows and provide a solution based on time division multiple access (TDMA) that provably isolates devices on the bus from these flows. This paper also discusses the overheads in area and simulation time incurred by this TDMA-based solution.

Published In

DAC '11: Proceedings of the 48th Design Automation Conference
June 2011
1055 pages
ISBN:9781450306362
DOI:10.1145/2024724

Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. high-assurance systems
  2. information flow tracking
  3. timing channels

Qualifiers

  • Research-article

Acceptance Rates

Overall Acceptance Rate 1,317 of 3,929 submissions, 34%

Cited By

  • (2024) AGILE: Automated Assertion Generation to Detect Information Leakage Vulnerabilities. IEEE Transactions on Information Forensics and Security 19 (1794-1809). DOI: 10.1109/TIFS.2023.3343970. Online publication date: 2024
  • (2024) Hardware/software security co-verification and vulnerability detection. Integration, the VLSI Journal 94:C. DOI: 10.1016/j.vlsi.2023.102089. Online publication date: 1-Jan-2024
  • (2024) SoC Security Verification Using Fuzz, Penetration, and AI Testing. Hardware Security (183-229). DOI: 10.1007/978-3-031-58687-3_4. Online publication date: 3-Apr-2024
  • (2023) A Framework for Design, Verification, and Management of SoC Access Control Systems. IEEE Transactions on Computers 72:2 (386-400). DOI: 10.1109/TC.2022.3209923. Online publication date: 1-Feb-2023
  • (2023) Pattern-Based Information Flow Control for Safety-Critical On-Chip Systems. Computer Safety, Reliability, and Security (181-195). DOI: 10.1007/978-3-031-40923-3_14. Online publication date: 11-Sep-2023
  • (2022) Cut and Forward: Safe and Secure Communication for FPGA System on Chips. IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems 41:11 (4052-4063). DOI: 10.1109/TCAD.2022.3197343. Online publication date: Nov-2022
  • (2022) Model-based configuration of access protection units for multicore processors in embedded systems. Microprocessors & Microsystems 87:C. DOI: 10.1016/j.micpro.2021.104377. Online publication date: 9-Apr-2022
  • (2021) Hardware Information Flow Tracking. ACM Computing Surveys 54:4 (1-39). DOI: 10.1145/3447867. Online publication date: 3-May-2021
  • (2021) Seeds of SEED: Building and Verifying Foundationally Isolated Hardware Architectures. 2021 International Symposium on Secure and Private Execution Environment Design (SEED) (210-214). DOI: 10.1109/SEED51797.2021.00032. Online publication date: Sep-2021
  • (2021) Aker: A Design and Verification Framework for Safe and Secure SoC Access Control. 2021 IEEE/ACM International Conference On Computer Aided Design (ICCAD) (1-9). DOI: 10.1109/ICCAD51958.2021.9643538. Online publication date: 1-Nov-2021
