LI Dongfang, ZHAN Xin, TONG Qiaoling, ZOU Xuecheng, LIU Zhenglin. The Design and Implementation of Embedded Security CPU Based on Multi-strategy[J]. Chinese Journal of Electronics, 2016, 25(5): 801-806. doi: 10.1049/cje.2016.08.040
Citation: LI Dongfang, ZHAN Xin, TONG Qiaoling, ZOU Xuecheng, LIU Zhenglin. The Design and Implementation of Embedded Security CPU Based on Multi-strategy[J]. Chinese Journal of Electronics, 2016, 25(5): 801-806. doi: 10.1049/cje.2016.08.040

The Design and Implementation of Embedded Security CPU Based on Multi-strategy

doi: 10.1049/cje.2016.08.040
Funds:  This work is supported by the National Natural Science Foundation of China (No.61176026, No.61376026).
More Information
  • Corresponding author: LIU Zhenglin (corresponding author) received the Ph.D. degree from Huazhong University of Science and Technology. Currently, he is a professor at School of Optical and Electronic Information, Huazhong University of Science and Technology. His main research areas include embedded system security and VLSI design. (Email:liuzhenglin@hust.edu.cn)
  • Received Date: 2014-01-10
  • Rev Recd Date: 2016-02-01
  • Publish Date: 2016-09-10
  • Control flow monitoring, information flow tracking and memory monitoring are the three main solutions to enhance the security of embedded system at the hardware architecture level. However, most of the current studies about the security of embedded system consider the above solutions in separate dimensions rather than a combined effort. We start from the operation model at the instruction level, and propose a security multi-strategy which combines information flow tracking and memory monitoring by studying the security operating mechanism of embedded system. As a hardware approach this strategy extends the embedded processor architecture with additional security defense control. The experimental results show this multi-strategy is more effective and can detect more malicious attacks than a single solution. The effectiveness of our proposed security multi-strategy has been verified in a Field programmable gate array (FPGA) prototype platform based on a customized Leon3 microprocessor.
  • loading
  • Y. Jin, "Embedded system security in smart consumer electronics", Proc. of the 4th International Workshop on Trustworthy Embedded Devices, pp.59-59, 2014.
    S. Chen, J. Xu, N. Nakka, et al., "Defeating memory corruption attacks via pointer taintedness detection", Proc. of the International Conference on Dependable Systems and Networks (DSN), pp.378-387, 2005.
    M. Ozsoy, D. Ponomarev, N.A. Ghazaleh, et al., "SIFT:Lowcomplexity energy-efficient information flow tracking on SMT processors", IEEE Transactions on Computers, Vol.63, No.2, pp.484-496, 2014.
    M.Dalton, H. Kannan and C. Kozyrakis, "Raksha:A flexible information flow architecture for software security", Proc. of 34th International Symposium on Computer Architecture, pp.482-493, 2007.
    N. Vachharajani, M.J. Bridges, J. Chang, et al., "RIFLE:An architectural framework for user-centric information-flow security", Proc. of 37th Annual IEEE/ACM International Symposium on Microarchitecture, pp.243-254, 2004.
    V.P. Kemerlis, G. Portokalidis, K. Jee, et al., "Libdft:Practical dynamic data flow tracking for commodity systems", Proc. of 8th ACM SIGPLAN/SIGOPS Conference on Virtual Execution Environments, pp.121-132, 2012.
    G. Venkataramani, I. Doudalis, Y. Solihin, et al., "FlexiTaint:A programmable accelerator for dynamic taint propagation", Proc. of ACM/IEEE Design Automation Conference, pp.173-184, 2008.
    Z. Liu, X.S. Zhang and X.D. Li, "Proactive vulnerability finding via information flow tracking", Proc. of the International Conference on Multimedia Information Networking and Security, pp.481-485, 2010.
    M. Dalton, H. Kannan and C. Kozyrakis, "Real-world buffer overflow protection for user and kernel space", Proc. of the International Conference on Dependable Systems and Networks (DSN), pp.395-410, 2008.
    C. Cowan, C. Pu, D. Maier, et al., "Stackguard:Automatic adaptive detection and prevention of buffer-overflow attacks", Proc. of the USENIX Security Symposium, pp.63-78, 1998.
    Zili Shao and Edwin Sha, "Defending embedded systems against buffer overflow via hardware/software", Proc. of the International Conference on Information Technology:Coding and Computing, pp.352-361, 2004.
    D. Li, Z. Liu and Y. Zhao, "HeapDefender:A mechanism of defending embedded systems against heap overflow via hardware", Ubiquitous Intelligence and Computing and 9th International Conference on Autonomic and Trusted Computing (UIC/ATC), pp.851-856, 2012.
    D. Li, Z. Lu, X. Zou, et al., "PUFKEY:A high-security and high-throughput hardware true random number generator for sensor networks", Sensors, Vol.15, No.10, pp.26251-26266, 2015.
    SPARC Inc, "The SPARC Architecture Manual (Version 8)", http://www.gaisler.com, 2016-1-22.
    Reouven Elbaz, David Champagne, Catherine Gebotys, et al., "Hardware mechanisms for memory authentication:A survey of existing techniques and engines", Transactions on Computational Science IV, Lecture Notes in Computer Science, Vol.5430, pp.1-22, 2009.
  • 加载中

Catalog

    通讯作者: 陈斌, bchen63@163.com
    • 1. 

      沈阳化工大学材料科学与工程学院 沈阳 110142

    1. 本站搜索
    2. 百度学术搜索
    3. 万方数据库搜索
    4. CNKI搜索

    Article Metrics

    Article views (177) PDF downloads(733) Cited by()
    Proportional views
    Related

    /

    DownLoad:  Full-Size Img  PowerPoint
    Return
    Return