Enhancing Security of FPGA-Based Embedded Systems with Combinational Logic Binding

With the increasing use of field-programmable gate arrays (FPGAs) in embedded systems and many embedded applications, the failure to protect FPGA-based embedded systems from cloning attacks has brought serious losses to system developers. This paper proposes a novel combinational logic binding technique to specially protect FPGA-based embedded systems from cloning attacks and provides a pay-per-device licensing model for the FPGA market. Security analysis shows that the proposed binding scheme is robust against various types of malicious attacks. Experimental evaluations demonstrate the low overhead of the proposed technique.     

Implementing Embedded Security on Dual-Virtual-CPU Systems

In this article, we describe a low-cost, dual-virtual-CPU hardware technology for embedded-systems security. We also present a case study of a programmable software design to exploit such hardware. This design integrates a rich operating system without requiring significant changes to it, while maintaining preemptive and real-time properties, exception handling, and power management.     

嵌入式系统的网络安全问题分析

阐述了网络互联背景下的嵌入式系统的安全问题,给出二种分析安全问题的方法在嵌入式系统中的应用,分析了影响系统安全的三种因素并介绍了几种有效的防御方法。     

基于FPGA的可重构系统的应用

基于FPGA的可重构系统的出现,引发了计算和数字逻辑样式的变革。作为逻辑仿真系统,它的仿真速度比软件仿真要快数个量级;作为用户计算机,它在多种类型的应用实现中获得高效率的系统性能;作为多模式系统,它节省了硬件开支,并提供了真正意义上的通用硬件。     

一种面向嵌入式实时系统的安全策略优化生成方法

由于受到系统资源和实时性的限制,对于嵌入式实时系统的安全扩展很难延用通用计算机系统的安全设计方法,因此需要对其进行专门的研究。为了在确保实时性的前提下使嵌入式实时系统的安全性达到最优,本文提出了一套完整的安全设计方法,包括安全任务图模型和安全评估模型,在此基础上,又提出了一种基于整数线性规划的安全策略优化生成方法ILPOS。该安全策略优化生成方法同时解决了安全算法选择和实时可调度性检测两方面的问题,克服了一般分阶段优化方法的不足,从而充分地利用系统可用时间来实现安全扩展。仿真实验结果表明,与传统的启发式安全设计算法相比,ILPOS方法在各种实时性约束条件下都能有效地提高系统的安全性。     

Locking Out the Investigator: The Need to Circumvent Security in Embedded Systems

ABSTRACT

Embedded devices are becoming ubiquitous in both domestic and commercial environments. Although smartphones, tablets, and video game consoles are all labeled by their primary function, most of these devices offer additional features and are capable of additional interactivity. Given the proprietary nature of such devices in terms of hardware and software and the protection mechanisms incorporated into these systems, it is and will continue to be extremely difficult to use “traditional digital forensics” methodologies to access storage media and acquire data for analysis. This paper examines how consumer law may be stifling research that the forensic community could ultimately depend upon to examine devices.     

Strategic Security Intelligence — Embedded Security

Networks dominate today’s computing landscape, yet commercial technical protection is lagging behind attack technology. As a result, protection programme success depends more on prudent management decisions than on the selection of technical safeguards. Managing Network Security takes a management view of protection and seeks to reconcile the need for security with the limitations of technology.     

Embedded Systems Week

This report discusses Embedded Systems Week 2006, which took place 22-27 October in Seoul. ESWEEK 2006 included three parallel conferences: CODES+ISSS (the International Conference on Hardware/Software Codesign and System Synthesis), EMSOFT (the International Conference on Embedded Software), and CASES (the International Conference on Compilers, Architecture, and Synthesis for Embedded Systems). Almost 500 people attended. ESWEEK 2007 will be held in Salzburg, Austria, from 30 September to 5 October.     

Managing Your Security Future

ABSTRACT

Information technology organizations within most corporations are spending significant time and resources securing IT infrastructure. This increased need for security is driven by a number of factors. These factors include increased dependency on the Internet, financial and legal liability, protection of personal identity information and sensitive corporate data, increased numbers and age of legacy systems with limited vendor support, deploying complex systems, and new regulations governing corporate transactions. There a number of technologies on the market today that can mitigate most of these security factors. However, managers in IT organizations need to identify potential future threats and security technologies to assess and potentially mitigate risk through the deployment of those technologies. This article investigates three areas critical to the successful deployment and securing of information technology.     

Embedded Fault-Tolerant Systems

The Journal of Supercomputing -     

Managing Technical Change in Legacy Systems

Change happens, especially in software. This paper frames the problem of dealing with change in terms of moving software assets to technologically higher ground when faced with a rising flood of new products and technologies. The author introduces methods he has developed for estimating the value of software assets, understanding risks, breaking down aging software, rebuilding systems to make them more maintainable, and using shadow processes to reduce risk when introducing new or updated systems.     

ARM嵌入式系统分析

嵌入式系统的核心是嵌入式处理器,ARM 处理器是目前公认的业界领先的 32 位嵌入式RISC微处理器.基于ARM 核的芯片具有低功耗、高性能的特点,广泛应用于嵌入式产品中.本文从 ARM 体系结构入手,通过对比,详细介绍了RISC的系统结构特点和ARM处理器运行模式,从而对ARM嵌入式系统进入了深入的分析.     

网络安全与嵌入式防火墙

本文在介绍嵌入式防火墙的功能的基础上,通过X86防火墙与嵌入式防火墙的比较,概述了嵌入式防火墙的优势。     

嵌入式系统中的内存压缩技术

介绍内存压缩技术和一个基于硬件的内存压缩系统模型,探讨内存压缩技术在嵌入式系统中的应用;重点介绍内存压缩系统的硬件要求以及操作系统对内存压缩机制的支持;简单介绍内存压缩中常用的算法Lempel-Ziv,并就内存压缩技术在嵌入式系统中的应用问题作一些探讨。     

嵌入式系统中GPRS模块的应用方法

介绍在嵌入式设备中如何应用Siemens公司的XT55和MC55两款的GPRS模块连接Internet进行数据传输,给出AT命令示例,并比较GPRS模块在有/无内嵌TCP/IP协议栈的情况下连接Internet进行数据传输的不同点。     

浅析嵌入式系统在信息家电中的开发与应用

信息家电是通信技术与家用电器相结合的创新产品.本文介绍了信息家电的一种通用嵌入式系统的架构,各种实际的应用中,只要根据相应的需要在这种通用架构上添加相应的信息处理模块和信息采集模决可以实现各种嵌入式系统的应用.