The inherent constraints on power consumption, processing resources, and physical security make embedded systems particularly susceptible to attacks. We have developed a general system-on-a-chip architecture that uses hardware monitors to identify attacks and mediate their impact. These monitors operate independently from the main processing system and thus cannot be "hacked into" or tampered with as it is possible with software-based security solutions. The key idea is to compare the actual system behavior against the expected behavior that can be derived automatically from the executable code. We are in the process of expanding the ideas of this specific system architecture to address the broader issue of how to achieve, test, and validate security in embedded systems.

Publications

• Tilman Wolf, Shufu Mao, Dhruv Kumar, Basab Datta, Wayne Burleson, and Guy Gogniat. Collaborative monitors for embedded system security. In Proc. of First International Workshop on Embedded Systems Security in conjunction with 6th Annual ACM International Conference on Embedded Software (EMSOFT), Seoul, Korea, October 2006.
• Guy Gogniat, Tilman Wolf, and Wayne Burleson, “Reconfigurable security support for embedded systems,” in Proc. of 39th Hawaii International Conference on System Science (HICSS-39), Poipu, HI, January 2006.
• Tilman Wolf, Shulin You, and Ramaswamy Ramaswamy, “Transparent TCP acceleration through network processing,” in Proc. of IEEE Global Communications Conference (GLOBECOM), St. Louis, MO, Nov. 2005.
• Guy Gogniat, Tilman Wolf, and Wayne Burleson, “Reconfigurable security primitive for embedded systems,” in Proc. of International Symposium on System-on-Chip (SOC), Tampere, Finland, Nov. 2005.