Configurable memory security in embedded systems

Configurable memory security in embedded systems

System security is an increasingly important design criterion for many embedded systems. These systems are often portable and more easily attacked than traditional desktop and server computing systems. Key requirements for system security include defenses against physical attacks and lightweight sup...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:ACM transactions on embedded computing systems 2013-03, Vol.12 (3), p.1-23
Hauptverfasser: Crenne, Jeremie, Vaslin, Romain, Gogniat, Guy, Diguet, Jean-Philippe, Tessier, Russell, Unnikrishnan, Deepak
Format: Artikel
Sprache:eng
Schlagworte:
Computer information security
Computer Science
Hardware Architecture
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
container_end_page 23
container_issue 3
container_start_page 1
container_title ACM transactions on embedded computing systems
container_volume 12
creator Crenne, Jeremie
Vaslin, Romain
Gogniat, Guy
Diguet, Jean-Philippe
Tessier, Russell
Unnikrishnan, Deepak
description System security is an increasingly important design criterion for many embedded systems. These systems are often portable and more easily attacked than traditional desktop and server computing systems. Key requirements for system security include defenses against physical attacks and lightweight support in terms of area and power consumption. Our new approach to embedded system security focuses on the protection of application loading and secure application execution. During secure application loading, an encrypted application is transferred from on-board flash memory to external double data rate synchronous dynamic random access memory (DDR-SDRAM) via a microprocessor. Following application loading, the core-based security technique provides both confidentiality and authentication for data stored in a microprocessor's system memory. The benefits of our low overhead memory protection approaches are demonstrated using four applications implemented in a field-programmable gate array (FPGA) in an embedded system prototyping platform. Each application requires a collection of tasks with varying memory security requirements. The configurable security core implemented on-chip inside the FPGA with the microprocessor allows for different memory security policies for different application tasks. An average memory saving of 63% is achieved for the four applications versus a uniform security approach. The lightweight circuitry included to support application loading from flash memory adds about 10% FPGA area overhead to the processor-based system and main memory security hardware.
doi_str_mv 10.1145/2442116.2442121
format Article
fullrecord <record><control><sourceid>proquest_hal_p</sourceid><recordid>TN_cdi_hal_primary_oai_HAL_hal_00670938v1</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>1506368747</sourcerecordid><originalsourceid>FETCH-LOGICAL-c382t-aa517e006fde54649b64745a3f129ca8aaf466f2069cdfa7b35e57905fcdfd213</originalsourceid><addsrcrecordid>eNqNkE1Lw0AQhhdRsFbPXnPUQ9qd_d5jKWqFghc9L5tkViNJU3cTIf_exhbPnt6Z4eFleAi5BboAEHLJhGAAavGbDM7IDKQ0ORdKnk8zt7mlRl-Sq5Q-KQXNhJwRuu52oX4foi8azFpsuzhmCcsh1v2Y1bsM2wKrCqssjanHNl2Ti-CbhDennJO3x4fX9Sbfvjw9r1fbvOSG9bn3EjRSqkKFUihhCyW0kJ4HYLb0xvsglAqMKltWweuCS5TaUhkOa8WAz8n9sffDN24f69bH0XW-dpvV1k23Q7emlpvvib07svvYfQ2YetfWqcSm8TvshuRAUsWN1qD_hyqjxYQuj2gZu5Qihr83gLpJuTspdyfl_Afk-3Fa</addsrcrecordid><sourcetype>Open Access Repository</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>1506368747</pqid></control><display><type>article</type><title>Configurable memory security in embedded systems</title><source>ACM Digital Library Complete</source><creator>Crenne, Jeremie ; Vaslin, Romain ; Gogniat, Guy ; Diguet, Jean-Philippe ; Tessier, Russell ; Unnikrishnan, Deepak</creator><creatorcontrib>Crenne, Jeremie ; Vaslin, Romain ; Gogniat, Guy ; Diguet, Jean-Philippe ; Tessier, Russell ; Unnikrishnan, Deepak</creatorcontrib><description>System security is an increasingly important design criterion for many embedded systems. These systems are often portable and more easily attacked than traditional desktop and server computing systems. Key requirements for system security include defenses against physical attacks and lightweight support in terms of area and power consumption. Our new approach to embedded system security focuses on the protection of application loading and secure application execution. During secure application loading, an encrypted application is transferred from on-board flash memory to external double data rate synchronous dynamic random access memory (DDR-SDRAM) via a microprocessor. Following application loading, the core-based security technique provides both confidentiality and authentication for data stored in a microprocessor's system memory. The benefits of our low overhead memory protection approaches are demonstrated using four applications implemented in a field-programmable gate array (FPGA) in an embedded system prototyping platform. Each application requires a collection of tasks with varying memory security requirements. The configurable security core implemented on-chip inside the FPGA with the microprocessor allows for different memory security policies for different application tasks. An average memory saving of 63% is achieved for the four applications versus a uniform security approach. The lightweight circuitry included to support application loading from flash memory adds about 10% FPGA area overhead to the processor-based system and main memory security hardware.</description><identifier>ISSN: 1539-9087</identifier><identifier>EISSN: 1558-3465</identifier><identifier>DOI: 10.1145/2442116.2442121</identifier><language>eng</language><publisher>ACM</publisher><subject>Computer information security ; Computer Science ; Hardware Architecture</subject><ispartof>ACM transactions on embedded computing systems, 2013-03, Vol.12 (3), p.1-23</ispartof><rights>Distributed under a Creative Commons Attribution 4.0 International License</rights><lds50>peer_reviewed</lds50><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c382t-aa517e006fde54649b64745a3f129ca8aaf466f2069cdfa7b35e57905fcdfd213</citedby><cites>FETCH-LOGICAL-c382t-aa517e006fde54649b64745a3f129ca8aaf466f2069cdfa7b35e57905fcdfd213</cites><orcidid>0000-0003-0728-6040 ; 0000-0002-9528-5277</orcidid></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><link.rule.ids>230,314,776,780,881,27901,27902</link.rule.ids><backlink>$$Uhttps://hal.science/hal-00670938$$DView record in HAL$$Hfree_for_read</backlink></links><search><creatorcontrib>Crenne, Jeremie</creatorcontrib><creatorcontrib>Vaslin, Romain</creatorcontrib><creatorcontrib>Gogniat, Guy</creatorcontrib><creatorcontrib>Diguet, Jean-Philippe</creatorcontrib><creatorcontrib>Tessier, Russell</creatorcontrib><creatorcontrib>Unnikrishnan, Deepak</creatorcontrib><title>Configurable memory security in embedded systems</title><title>ACM transactions on embedded computing systems</title><description>System security is an increasingly important design criterion for many embedded systems. These systems are often portable and more easily attacked than traditional desktop and server computing systems. Key requirements for system security include defenses against physical attacks and lightweight support in terms of area and power consumption. Our new approach to embedded system security focuses on the protection of application loading and secure application execution. During secure application loading, an encrypted application is transferred from on-board flash memory to external double data rate synchronous dynamic random access memory (DDR-SDRAM) via a microprocessor. Following application loading, the core-based security technique provides both confidentiality and authentication for data stored in a microprocessor's system memory. The benefits of our low overhead memory protection approaches are demonstrated using four applications implemented in a field-programmable gate array (FPGA) in an embedded system prototyping platform. Each application requires a collection of tasks with varying memory security requirements. The configurable security core implemented on-chip inside the FPGA with the microprocessor allows for different memory security policies for different application tasks. An average memory saving of 63% is achieved for the four applications versus a uniform security approach. The lightweight circuitry included to support application loading from flash memory adds about 10% FPGA area overhead to the processor-based system and main memory security hardware.</description><subject>Computer information security</subject><subject>Computer Science</subject><subject>Hardware Architecture</subject><issn>1539-9087</issn><issn>1558-3465</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2013</creationdate><recordtype>article</recordtype><recordid>eNqNkE1Lw0AQhhdRsFbPXnPUQ9qd_d5jKWqFghc9L5tkViNJU3cTIf_exhbPnt6Z4eFleAi5BboAEHLJhGAAavGbDM7IDKQ0ORdKnk8zt7mlRl-Sq5Q-KQXNhJwRuu52oX4foi8azFpsuzhmCcsh1v2Y1bsM2wKrCqssjanHNl2Ti-CbhDennJO3x4fX9Sbfvjw9r1fbvOSG9bn3EjRSqkKFUihhCyW0kJ4HYLb0xvsglAqMKltWweuCS5TaUhkOa8WAz8n9sffDN24f69bH0XW-dpvV1k23Q7emlpvvib07svvYfQ2YetfWqcSm8TvshuRAUsWN1qD_hyqjxYQuj2gZu5Qihr83gLpJuTspdyfl_Afk-3Fa</recordid><startdate>20130301</startdate><enddate>20130301</enddate><creator>Crenne, Jeremie</creator><creator>Vaslin, Romain</creator><creator>Gogniat, Guy</creator><creator>Diguet, Jean-Philippe</creator><creator>Tessier, Russell</creator><creator>Unnikrishnan, Deepak</creator><general>ACM</general><scope>AAYXX</scope><scope>CITATION</scope><scope>7SC</scope><scope>8FD</scope><scope>JQ2</scope><scope>L7M</scope><scope>L~C</scope><scope>L~D</scope><scope>1XC</scope><orcidid>https://orcid.org/0000-0003-0728-6040</orcidid><orcidid>https://orcid.org/0000-0002-9528-5277</orcidid></search><sort><creationdate>20130301</creationdate><title>Configurable memory security in embedded systems</title><author>Crenne, Jeremie ; Vaslin, Romain ; Gogniat, Guy ; Diguet, Jean-Philippe ; Tessier, Russell ; Unnikrishnan, Deepak</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c382t-aa517e006fde54649b64745a3f129ca8aaf466f2069cdfa7b35e57905fcdfd213</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2013</creationdate><topic>Computer information security</topic><topic>Computer Science</topic><topic>Hardware Architecture</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Crenne, Jeremie</creatorcontrib><creatorcontrib>Vaslin, Romain</creatorcontrib><creatorcontrib>Gogniat, Guy</creatorcontrib><creatorcontrib>Diguet, Jean-Philippe</creatorcontrib><creatorcontrib>Tessier, Russell</creatorcontrib><creatorcontrib>Unnikrishnan, Deepak</creatorcontrib><collection>CrossRef</collection><collection>Computer and Information Systems Abstracts</collection><collection>Technology Research Database</collection><collection>ProQuest Computer Science Collection</collection><collection>Advanced Technologies Database with Aerospace</collection><collection>Computer and Information Systems Abstracts – Academic</collection><collection>Computer and Information Systems Abstracts Professional</collection><collection>Hyper Article en Ligne (HAL)</collection><jtitle>ACM transactions on embedded computing systems</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Crenne, Jeremie</au><au>Vaslin, Romain</au><au>Gogniat, Guy</au><au>Diguet, Jean-Philippe</au><au>Tessier, Russell</au><au>Unnikrishnan, Deepak</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Configurable memory security in embedded systems</atitle><jtitle>ACM transactions on embedded computing systems</jtitle><date>2013-03-01</date><risdate>2013</risdate><volume>12</volume><issue>3</issue><spage>1</spage><epage>23</epage><pages>1-23</pages><issn>1539-9087</issn><eissn>1558-3465</eissn><abstract>System security is an increasingly important design criterion for many embedded systems. These systems are often portable and more easily attacked than traditional desktop and server computing systems. Key requirements for system security include defenses against physical attacks and lightweight support in terms of area and power consumption. Our new approach to embedded system security focuses on the protection of application loading and secure application execution. During secure application loading, an encrypted application is transferred from on-board flash memory to external double data rate synchronous dynamic random access memory (DDR-SDRAM) via a microprocessor. Following application loading, the core-based security technique provides both confidentiality and authentication for data stored in a microprocessor's system memory. The benefits of our low overhead memory protection approaches are demonstrated using four applications implemented in a field-programmable gate array (FPGA) in an embedded system prototyping platform. Each application requires a collection of tasks with varying memory security requirements. The configurable security core implemented on-chip inside the FPGA with the microprocessor allows for different memory security policies for different application tasks. An average memory saving of 63% is achieved for the four applications versus a uniform security approach. The lightweight circuitry included to support application loading from flash memory adds about 10% FPGA area overhead to the processor-based system and main memory security hardware.</abstract><pub>ACM</pub><doi>10.1145/2442116.2442121</doi><tpages>23</tpages><orcidid>https://orcid.org/0000-0003-0728-6040</orcidid><orcidid>https://orcid.org/0000-0002-9528-5277</orcidid><oa>free_for_read</oa></addata></record>
fulltext fulltext
identifier ISSN: 1539-9087
ispartof ACM transactions on embedded computing systems, 2013-03, Vol.12 (3), p.1-23
issn 1539-9087
1558-3465
language eng
recordid cdi_hal_primary_oai_HAL_hal_00670938v1
source ACM Digital Library Complete
subjects Computer information security
Computer Science
Hardware Architecture
title Configurable memory security in embedded systems
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-29T17%3A15%3A16IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_hal_p&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Configurable%20memory%20security%20in%20embedded%20systems&rft.jtitle=ACM%20transactions%20on%20embedded%20computing%20systems&rft.au=Crenne,%20Jeremie&rft.date=2013-03-01&rft.volume=12&rft.issue=3&rft.spage=1&rft.epage=23&rft.pages=1-23&rft.issn=1539-9087&rft.eissn=1558-3465&rft_id=info:doi/10.1145/2442116.2442121&rft_dat=%3Cproquest_hal_p%3E1506368747%3C/proquest_hal_p%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=1506368747&rft_id=info:pmid/&rfr_iscdi=true