Embedded System Security

The inherent constraints on power consumption, processing resources, and physical security make embedded systems particularly susceptible to attacks. We have developed a general system-on-a-chip architecture that uses hardware monitors to identify attacks and mediate their impact. These monitors operate independently from the main processing system and thus cannot be "hacked into" or tampered with as it is possible with software-based security solutions. The key idea is to compare the actual system behavior against the expected behavior that can be derived automatically from the executable code. We are in the process of expanding the ideas of this specific system architecture to address the broader issue of how to achieve, test, and validate security in embedded systems.

Publications

• Shufu Mao and Tilman Wolf, "Hardware support for secure processing in embedded systems," in Proc. of 44th Design Automation Conference (DAC), San Diego, CA, June 2007, pp. 483-488.
• Tilman Wolf, Shufu Mao, Dhruv Kumar, Basab Datta, Wayne Burleson, and Guy Gogniat, "Collaborative monitors for embedded system security," in Proc. of First International Workshop on Embedded Systems Security in conjunction with 6th Annual ACM International Conference on Embedded Software (EMSOFT), Seoul, Korea, Oct. 2006.
• For more publications see the publications page.