Conference Paper

Application of a Technique for Secure Embedded Device Design Based on Combining Security Components for Creation of a Perimeter Protection System

Authors:
  • St. Petersburg Federal Research Center of the Russian Academy of Sciences (SPC RAS)
  • St. Petersburg Institute for Informatics and Automation
  • St. Petersburg Federal Research Center of the Russian Academy of Sciences

Abstract

From an information security point of view, embedded devices are elements of complex systems operating in a potentially hostile environment. The development of embedded devices is therefore a complex task that often requires expert solutions. This complexity is caused by the various types of threats and attacks that may affect the device, and by the fact that in practice the security of embedded devices is usually considered at the final stage of the development process, in the form of added security features. The paper proposes a design technique, together with its application, that facilitates the development of secure and energy-efficient embedded devices. The technique organizes the search for the best combinations of security components by solving an optimization problem. The efficiency of the proposed technique is demonstrated by the development of a room perimeter protection system.

... The key issue of such solutions is in focusing on certain aspects of the security, ensuring their inapplicability for providing the security of microcontroller-based systems in general. For example, techniques might not take into account the strong relationship between hardware and software elements of microcontroller-based devices [7][8][9][10] or design such devices in isolation from the system they are supposed to work in [11,12]. ...
... In [11] a technique for the design of secure and energy-efficient microcontroller-based devices was presented. This technique finds out rational combinations of security components on the basis of solving the optimization problem. ...
Article
Full-text available
This paper describes an original methodology for the design of microcontroller-based physical security systems and its application to a system of mobile robots. The novelty of the proposed methodology lies in combining various design algorithms on the basis of abstract and detailed system representations. The suggested design approach, which is based on the methodology, is modular and extensible, takes into account the security of the physical layer of the system, works with the abstract system representation and looks for a trade-off between the security of the final solution and the resources expended on it. Moreover, unlike existing solutions, the methodology has a strong focus on security. It is aimed at ensuring the protection of the system against attacks at the design stage, considers security components as an integral part of the system and checks whether the system can be designed in accordance with given requirements and limitations. An experimental evaluation of the methodology was conducted with the help of its software implementation, which consists of a Python script, a PostgreSQL database and a Tkinter interface and is available for download on our GitHub. As a use case, a system of mobile robots for perimeter monitoring was chosen. During the experimental evaluation, the design time was measured depending on the parameters of the attacker against which system security must be ensured. Moreover, the software implementation of the methodology was analyzed for compliance with requirements and compared with analogues. The advantages and disadvantages of the methodology as well as future work directions are indicated.
... To address these challenges, it is necessary to develop an approach to secure robotic systems (Desnitsky et al., 2016). Security has become a critical issue when implementing IoT solutions to establish safe communication between robotised wireless sensor network nodes. ...
Article
Full-text available
In recent years, autonomous electric vehicles (A-EVs) have attracted the attention of academia and industry. In urban mobility, this topology requires consensus to control behaviours under swarm robotics. Although several model-based solutions have successfully enhanced accuracy and overcome some limitations, specific technological, methodological, and security issues remain. In this study, we systematically reviewed existing research related to swarm intelligence and multi-agent systems in urban mobility. Based on the obtained results, we propose a new directed acyclic graph-based multilayer architecture model. Furthermore, we propose a long short-term memory recurrent neural network model to make predictions. To validate the model, available data based on real traffic in Madrid (Spain) were considered.
... To meet today's challenges, it is necessary to develop an integrated approach for security [25] of robotic systems. The comprehensiveness of the approach here means not only the union of various security systems; it is also very important to take into account the protection of the security system itself against attacks. ...
Preprint
Full-text available
Decentralization, immutability and transparency make Blockchain one of the most innovative technologies of recent years. This paper presents an overview of solutions based on Blockchain technology for multi-agent robotic systems, and provides an analysis and classification of this emerging field. The reasons for implementing Blockchain in a multi-robot network may be to increase the interaction efficiency between agents by providing more trusted information exchange, reaching a consensus in trustless conditions, assessing robot productivity or detecting performance problems, identifying intruders, allocating plans and tasks, deploying distributed solutions and joint missions. Blockchain-based applications are discussed to demonstrate how a distributed ledger can be used to extend the number of research platforms and libraries for multi-agent robotic systems.
... The experiments demonstrate that techniques for analyzing typical energy exhaustion attacks, with modeling of the attacks on physical equipment and subsequent development of specialized protection components against them on the basis of the approach proposed by the authors [8,9], can be introduced into the development process of Internet of Things systems. ...
Chapter
This paper considers a new integrated model of secure cyber-physical systems for their design and verification. The suggested integrated model represents cyber-physical systems as a set of building blocks with properties and connections between them. The main challenge to build this model is in consolidating different approaches for modeling of cyber-physical systems in the general integrated approach. The main goal of the suggested general integrated approach is to ensure the transformation from one model to another without losing significant properties of building blocks as well as taking into account emergent properties arising from the interaction of system blocks. The correctness of the model is validated by its use for access control analysis.
Article
Full-text available
Abstract—Embedded devices need both an efficient and a secure implementation of cryptographic algorithms. In this overview paper we show a typical top-down approach for secure and efficient implementation of embedded systems. We outline the security pyramid by illustrating the five primary abstraction levels in an embedded system. Focusing only on two levels - architecture and circuit level - we show how the design can be implemented to be both efficient and secure. Index Terms—Security, embedded systems, design methods,
Conference Paper
Full-text available
We summarize some current trends in embedded systems design and point out some of their characteristics, such as the chasm between analytical and computational models, and the gap between safety-critical and best-effort engineering practices. We call for a coherent scientific foundation for embedded systems design, and we discuss a few key demands on such a foundation: the need for encompassing several manifestations of heterogeneity, and the need for constructivity in design. We believe that the development of a satisfactory Embedded Systems Design Science provides a timely challenge and opportunity for reinvigorating computer science.
Conference Paper
Full-text available
Embedded systems present significant security challenges due to their limited resources, power constraints and a variety of inherent vulnerabilities. In this paper, we propose a reconfigurable security primitive for secure embedded systems that leverages the capabilities of reconfigurable hardware to provide an efficient and flexible architectural support to both security standards and a range of attacks. This paper stresses design challenges for secure embedded systems and argues the case for reconfigurable architectural support for security. The reconfigurable security primitive is based on two main ideas: 1) an adaptable datapath, and 2) a hierarchy of controllers at the primitive and system level. The first controller manages the performance policy while the second one deals with the security policy. The AES cryptography algorithm has been considered to show the benefit of our approach compared to hardware and software solutions.
Conference Paper
The sweeping growth in the number of embedded devices, together with their extensive spread, poses new design challenges for the protection of embedded systems against a wide set of security threats. The specificity of embedded devices implies that combined protection mechanisms require effective resource consumption by their software/hardware modules. In addition, the design complexity of modern embedded devices, characterized by a proper security level and acceptable resource consumption, is determined by the low structuring and formalization of security knowledge. The paper proposes an approach to elicit security knowledge for subsequent use in automated design and verification tools for secure systems with embedded devices.
Conference Paper
Development of embedded devices is a challenging task because of their varying, reactive and real-time nature. Conventionally, embedded devices are considered as a part of systems owned by some other entities and operated in a potentially hostile environment. Embedded device development is an extremely complicated problem due to the various types of threats and attacks the device is subject to, and because security in embedded devices is commonly provided as an additional feature at the final stages of the development process, or even neglected. In this paper we propose a new configuration model, which facilitates the design of secure and resource-efficient embedded devices. The model enables the search for the most effective combinations of security building blocks in terms of consumption of device resources.
Conference Paper
The development of systems based on embedded components is a challenging task because of their distributed, reactive and real-time nature. From a security point of view, embedded devices are basically systems owned by a certain entity, used frequently as part of systems owned by other entities and operated in a potentially hostile environment. The development of security-enhanced systems of embedded components is a difficult task due to different types of threats that may affect such systems, and because the security in systems of embedded devices is currently added as an additional feature when the development is advanced, or avoided as a superfluous characteristic. We present in this paper a methodology for the analysis and modeling of threats and attacks for systems of embedded components. The Intruder Model allows us to describe possible actions a potential intruder can accomplish, depending on his/her capabilities, resources, etc. Using this information, we can define a Threat Model that will specify the threats and attacks that affect different security properties in specific domains.
Conference Paper
This paper provides insight into the ramifications of battery exhaustion Denial of Service (DoS) attacks on battery-powered mobile devices. Several IEEE 802.11 Wi-Fi, IEEE 802.15.1 Bluetooth, and blended attacks are studied to understand their effects on device battery lifetimes. In the worst case, DoS attacks against mobile devices were found to accelerate battery depletion as much as 18.5%. Also presented in this work is a hybrid Intrusion Detection System (IDS) designed to thwart this form of malicious activity; Multi-Vector Portable Intrusion Detection System (MVP-IDS). MVP-IDS combines host-based device instantaneous current (IC) monitoring with attack traffic signaturing modules.
Article
Components of previous security systems were designed independently from one another and were often difficult to integrate. Described is the recently available IBM Transaction Security System. It implements the Common Cryptographic Architecture and offers a comprehensive set of security products that allow users to implement end-to-end secure systems with IBM components. The system includes a mainframe host-attached Network Security Processor, high-performance encryption adapters for the IBM Personal Computer and Personal System/2® Micro Channel®, an RS-232 attached Security Interface Unit, and a credit-card size state-of-the-art Personal Security™ card containing a high-performance microprocessor. The application programming interface provides common programming in the host and the workstation and supports all of the Systems Application Architecture™ languages except REXX and RPG. Applications may be written to run on Multiple Virtual Storage (MVS) and PC DOS operating systems.
Article
A top-down, multiabstraction layer approach for embedded security design reduces the risk of security flaws, letting designers maximize security while limiting area, energy, and computation costs.
Designing Security-enhanced Embedded Systems: Bridging Two Islands of Expertise
  • M Vasilevskaya
Open Source Physical Security
  • J Norman