Journal Highly available systems №2 for 2012
Article in issue:
Configuring of combined protection components for embedded devices by solving optimality task
Authors:
V.A. Desnitsky, I.V. Kotenko, A.A. Chechulin
Abstract:
The paper addresses security issues of systems that include embedded devices. Such systems are notable, firstly, for the autonomy of the individual devices in the system and, secondly, for the constrained resources of the devices and their consequently low efficiency. By a configuration we mean a set of security components that, firstly, covers all required functional protection properties; secondly, satisfies the constraints on the volume of device resources allocated to protection functions; and, thirdly, satisfies platform compatibility constraints. A configuration meeting all three conditions is called admissible. Optimality is understood with respect to an optimality criterion set in the configuration process. The configuration process targets the search for admissible configurations, the search for optimal configurations, and checking whether a configuration is admissible or optimal. The importance of configuration analysis stems from the rapid increase in the number of devices that are controlled remotely and communicate over the Internet, the so-called "Internet of Things". Communicating in an untrusted and hostile environment, such systems are subject to both specialized and universal attacks. Hence the task of building efficient defense mechanisms to counter attacks carried out by a potential intruder becomes all the more important. The paper proposes a model and an architecture of the configuration mechanism for secure embedded devices. It is based on a series of diagrams in UML 2.0 notation, describes the static model of the configuration mechanism, and determines its structural elements and the connections between them. A developed software prototype demonstrates the proposed approach and serves as a software tool for configuring a secure distributed system with embedded devices.
The configuration mechanism is aimed at supporting the device developer's decision making at the design stage, so as to obtain the required security under admissible resource consumption. The tool also lets the developer identify which resources are the most critical for a given configuration and what amounts of resources the device must provide in order to run a particular configuration. As an example application of the proposed configuration approach, we consider an element of a telecommunication system for a mobile, quickly deployed communication network for support and control in emergencies, when a number of services and devices are operating.
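The three admissibility conditions, the search for an optimal configuration and the "most critical resource" question from the abstract, as an added illustration (not code from the paper or its prototype). The component catalogue, resource names, limits and the energy criterion are constructed assumptions, and exhaustive enumeration stands in for whatever search method the paper uses.

```python
from itertools import combinations

# Constructed catalogue (assumption, not from the paper):
# name -> (protection properties covered, resource cost, compatible platforms)
COMPONENTS = {
    "aes_sw":   ({"confidentiality"}, {"ram_kb": 8, "flash_kb": 24, "energy_mw": 30}, {"arm", "x86"}),
    "aes_hw":   ({"confidentiality"}, {"ram_kb": 2, "flash_kb": 4, "energy_mw": 12}, {"arm"}),
    "hmac":     ({"integrity"}, {"ram_kb": 4, "flash_kb": 10, "energy_mw": 10}, {"arm", "x86"}),
    "sig_auth": ({"integrity", "authentication"},
                 {"ram_kb": 16, "flash_kb": 40, "energy_mw": 45}, {"arm", "x86"}),
    "psk_auth": ({"authentication"}, {"ram_kb": 3, "flash_kb": 6, "energy_mw": 8}, {"arm", "x86"}),
}
REQUIRED = {"confidentiality", "integrity", "authentication"}
LIMITS = {"ram_kb": 24, "flash_kb": 64, "energy_mw": 60}  # resources allotted to protection


def usage(config):
    """Total resource consumption of a configuration (a set of component names)."""
    return {r: sum(COMPONENTS[c][1][r] for c in config) for r in LIMITS}


def is_admissible(config, required, limits, platform):
    """Check the three conditions: property coverage, resource limits, platform compatibility."""
    covered = set().union(*(COMPONENTS[c][0] for c in config))
    compatible = all(platform in COMPONENTS[c][2] for c in config)
    used = usage(config)
    return required <= covered and compatible and all(used[r] <= limits[r] for r in limits)


def admissible_configs(required, limits, platform):
    """Enumerate every non-empty subset of the catalogue and keep the admissible ones."""
    names = sorted(COMPONENTS)
    return [frozenset(c) for n in range(1, len(names) + 1)
            for c in combinations(names, n)
            if is_admissible(c, required, limits, platform)]


def optimal_config(required, limits, platform, criterion):
    """Admissible configuration minimizing the criterion, or None if none exists."""
    return min(admissible_configs(required, limits, platform), key=criterion, default=None)


def most_critical_resource(config, limits):
    """Resource whose consumption is closest to its limit for this configuration."""
    used = usage(config)
    return max(limits, key=lambda r: used[r] / limits[r])


if __name__ == "__main__":
    best = optimal_config(REQUIRED, LIMITS, "arm", lambda c: usage(c)["energy_mw"])
    print(sorted(best), usage(best), most_critical_resource(best, LIMITS))
```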
Pages: 50-56