Enforcing Policy-Based Security Models for Embedded SoCs within the Internet of Things

Policy-Based Security Modelling and Enforcement Approach for Emerging Embedded Architectures

2018 31st IEEE International System-on-Chip Conference (SOCC), 2018

Complex embedded systems often contain hard-to-find vulnerabilities which, when exploited, have the potential to cause severe damage to the operating environment and the user. Given that threats and vulnerabilities can exist within any layer of the complex ecosystem, OEMs face a major challenge to ensure security throughout the device life-cycle. To lower the potential risk and damage that vulnerabilities may cause, OEMs typically perform application threat analysis and security modelling. This process typically provides a high-level guideline to solving security problems which can then be implemented during design and development. However, this concept presents issues where new threats or unknown vulnerabilities are discovered. To address this issue, we propose a policy-based security modelling approach, which utilises a configurable policy engine to apply new policies that counter serious threats. By utilising this approach, traditional security modelling approaches can be enhanced and the consequences of a new threat greatly reduced. We present a realistic use case of a connected car, applying several attack scenarios. By utilising STRIDE threat modelling and the DREAD risk assessment model, adequate policies are derived to protect the car's assets. This approach offers advantages over the standard approach, allowing a policy update to counter a new threat which may otherwise have required a product redesign to alleviate the issue under the traditional approach.

Modeling Requirements for Security-enhanced Design of Embedded Systems

Proceedings of the 11th International Conference on Security and Cryptography, 2014

Designing an embedded system is a complex process that involves working on both hardware and software. The first step in the design process is defining functional and non-functional requirements; among them, it is fundamental to also consider security. We propose an effective way for designers to specify security requirements starting from User Security Requirements. User Security Requirements are high-level requirements related to security attacks that the system should be able to withstand. We also provide a mechanism to automatically translate these User Requirements into System Security Requirements, that include a detailed description of security solutions. For expressing requirements we use Unified Modeling Language (UML); specifically, we create a UML profile to describe user requirements and we use model-to-model transformation to automatically generate system requirements. We show the effectiveness of the modeling scheme and of the translation mechanism by applying our methodology to a case study based on wearable devices for e-health monitoring.

A model-based approach to integrating security policies for embedded devices

2004

Embedded devices like smartcards can now run multiple interacting applications. A particular challenge in this domain is to dynamically integrate diverse security policies. In this paper we show how a framework based on a concise formal model lets us securely customize a payment card equipped with a programmable chip. We present policy automata, a formal model of computations that grant or deny access to a resource. This model combines defeasible logic with state machines, representing complex policies as combinations of simpler modular policies. We use the model in a framework for specifying, merging and analyzing modular policies. This framework is implemented as Polaris, a tool which analyzes policy automata to reveal potential conflicts or redundancies, and compiles automata into Java Card applets.
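
The policy-automata idea in this abstract can be illustrated with a small added example (my own sketch, not the Polaris tool or the paper's defeasible-logic formalism): each policy is a little state machine that votes PERMIT, FORBID or ABSTAIN on a card transaction; the votes are merged under a deny-overrides rule with a fail-closed default; and a simple analysis pass reports pairs of policies that disagree on the same request and policies whose removal changes no decision. The policy names, spending limits and sample transactions are constructed for the example.

```python
"""Added example, not the paper's Polaris tool or its formal model: modular
policies as small state machines, merged under a deny-overrides rule and
analysed for conflicts and redundancies.  Names, limits and sample
transactions are constructed for illustration."""
from dataclasses import dataclass
from enum import Enum
from typing import Any, Callable, List, Tuple

class Vote(Enum):
    PERMIT = "permit"    # policy positively grants the request
    FORBID = "forbid"    # policy forbids it; defeats any PERMIT
    ABSTAIN = "abstain"  # policy has no opinion

@dataclass(frozen=True)
class Request:
    kind: str          # "purchase" or "cash_advance"
    amount: int        # minor currency units
    pin_verified: bool

@dataclass
class Policy:
    # A policy automaton: a vote over (state, request) and a transition on grant.
    name: str
    vote: Callable[[Any, Request], Vote]
    on_grant: Callable[[Any, Request], Any] = lambda state, req: state
    state: Any = None

def permit_when(name: str, pred: Callable[[Request], bool]) -> Policy:
    return Policy(name, lambda _s, r: Vote.PERMIT if pred(r) else Vote.ABSTAIN)

def forbid_when(name: str, pred: Callable[[Request], bool]) -> Policy:
    return Policy(name, lambda _s, r: Vote.FORBID if pred(r) else Vote.ABSTAIN)

def daily_cap(limit: int) -> Policy:
    # Stateful: remembers cumulative granted spend and forbids crossing the cap.
    return Policy(f"daily_cap_{limit}",
                  lambda spent, r: Vote.FORBID if spent + r.amount > limit else Vote.ABSTAIN,
                  on_grant=lambda spent, r: spent + r.amount, state=0)

def card_policies() -> List[Policy]:
    return [
        permit_when("purchases_permitted", lambda r: r.kind == "purchase"),
        permit_when("cash_advance_with_pin", lambda r: r.kind == "cash_advance" and r.pin_verified),
        forbid_when("pin_above_2000", lambda r: r.amount > 2000 and not r.pin_verified),
        forbid_when("no_cash_advance", lambda r: r.kind == "cash_advance"),
        forbid_when("no_cash_advance_above_100", lambda r: r.kind == "cash_advance" and r.amount > 100),
        daily_cap(5000),
    ]

def outcome(policies: List[Policy], req: Request) -> bool:
    # Merged decision from current states, no side effects: any FORBID defeats
    # every PERMIT, and with no PERMIT at all the default is deny (fail closed).
    votes = [p.vote(p.state, req) for p in policies]
    return Vote.FORBID not in votes and Vote.PERMIT in votes

def decide(policies: List[Policy], req: Request) -> bool:
    # Enforcement step: decide, then advance every automaton on a grant.
    granted = outcome(policies, req)
    if granted:
        for p in policies:
            p.state = p.on_grant(p.state, req)
    return granted

def find_conflicts(policies: List[Policy], sample: List[Request]) -> List[Tuple[str, str, Request]]:
    # (permitting, forbidding, request) triples where two policies disagree,
    # evaluated from the policies' current states.
    found = []
    for req in sample:
        votes = [(p.name, p.vote(p.state, req)) for p in policies]
        permitters = [n for n, v in votes if v is Vote.PERMIT]
        forbidders = [n for n, v in votes if v is Vote.FORBID]
        found.extend((a, b, req) for a in permitters for b in forbidders)
    return found

def find_redundant(policies: List[Policy], sample: List[Request]) -> List[str]:
    # Policies whose removal changes no merged decision on the sample.
    baseline = [outcome(policies, r) for r in sample]
    return [p.name for p in policies if baseline ==
            [outcome([q for q in policies if q is not p], r) for r in sample]]

SAMPLE = [  # constructed requests for the static analysis
    Request("purchase", 1500, False), Request("purchase", 2500, False),
    Request("purchase", 2500, True), Request("cash_advance", 500, True),
    Request("purchase", 6000, True), Request("cash_advance", 50, True),
]

def run_enforcement() -> List[bool]:
    # Feed a constructed transaction sequence through the merged automata.
    policies = card_policies()
    sequence = [Request("purchase", 1500, False), Request("purchase", 2500, False),
                Request("purchase", 2500, True), Request("purchase", 800, False),
                Request("purchase", 500, False), Request("cash_advance", 50, True)]
    return [decide(policies, r) for r in sequence]

if __name__ == "__main__":
    for a, b, r in find_conflicts(card_policies(), SAMPLE):
        print(f"conflict: {a} permits but {b} forbids {r}")
    print("redundant:", find_redundant(card_policies(), SAMPLE))
    print("decisions:", run_enforcement())
```

On the constructed sample the analysis reports two things a card issuer would want to know before loading the policies: no_cash_advance_above_100 is subsumed by no_cash_advance, and cash_advance_with_pin never has an effect because no_cash_advance defeats it on every request, which is exactly the kind of conflict or redundancy the abstract says Polaris reveals. The analysis here only evaluates each policy from its current state; a real tool has to explore the reachable states of the automata (the daily cap behaves differently after some spend has been granted).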

Threat model for securing internet of things (IoT) network at device-level

Internet of Things, 2020

Evolution of Embedded Platform Security Technologies: Past, Present & Future Challenges

2020 IEEE 33rd International System-on-Chip Conference (SOCC), 2020

In recent years, the proliferation of intelligent embedded technologies is opening avenues to new service and computing models, providing diverse socioeconomic benefits. These intelligent technologies are giving rise to a wide range of public and private applications by sharing and analysing generated data. This includes smart home, smart health, smart city, autonomous vehicles, smart grid, smart manufacturing, etc. However, where this sharing of data brings benefits and opportunities, it simultaneously presents security risks and challenges. The realisation and prototyping of such technologies require computing hardware widely available in the form of an embedded platform. The security perimeter and the attack surface of these platforms rely on their supported security and defence mechanisms. This paper aims to build a body of knowledge in this area for the security research community. It presents the state-of-the-art security frameworks and architectures and discusses architectural shortcomings and root causes of leading security technologies rather than discussing vulnerabilities and attacks. The paper concludes by advocating a secure-by-design platform approach and classifying platform security methods to realise a robust embedded platform security architecture.

Embedded Policing and Policy Enforcement Approach for Future Secure IoT Technologies

Living in the Internet of Things: Cybersecurity of the IoT - 2018, 2018

The Internet of Things (IoT) holds great potential for productivity, quality control, supply chain efficiencies and overall business operations. However, with this broader connectivity, new vulnerabilities and attack vectors are being introduced, increasing opportunities for systems to be compromised by hackers and targeted attacks. These vulnerabilities pose severe threats to a myriad of IoT applications within areas such as manufacturing, healthcare, power and energy grids, transportation and commercial building management. While embedded OEMs offer technologies, such as the hardware Trusted Platform Module (TPM), that deploy strong chain-of-trust and authentication mechanisms, they still struggle to protect against vulnerabilities introduced by vendors and end users, as well as additional threats posed by potential technical vulnerabilities and zero-day attacks. This paper proposes a proactive policy-based approach, enforcing the principle of least privilege through a hardware Security Policy Engine (SPE) that actively monitors the communication of applications and system resources on the system communication bus (ARM AMBA-AXI4). Upon detecting a policy violation, for example a malicious application accessing protected storage, it counteracts with predefined mitigations to limit the attack. The proposed SPE approach broadly complements existing embedded hardware and software security technologies, targeting the mitigation of risks imposed by unknown vulnerabilities of embedded applications and protocols.
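
The enforcement model this abstract describes can be sketched in software as an added example (my illustration, not the paper's SPE hardware or its policy format): every bus master is granted only the address windows and access modes it needs, each transaction is checked against that table before it completes, and a violation triggers the mitigation predefined for the offending master. The master names, the address map, the mapping of mitigations onto AXI error responses (SLVERR for a blocked access, DECERR for an isolated master) and the transactions are assumptions constructed for the example.

```python
"""Added example, not the paper's SPE hardware: a software model of a bus-level
security policy engine that checks every transaction against a per-master
least-privilege table and applies a predefined mitigation on violation.
Master names, the address map, the response codes chosen for each mitigation
and the transactions are constructed for illustration."""
from dataclasses import dataclass, field
from typing import Dict, List, Set, Tuple

READ, WRITE = 0x1, 0x2  # permission bits

@dataclass(frozen=True)
class Region:
    name: str
    base: int
    size: int
    perms: int  # READ | WRITE bits the master may use inside this window

    def covers(self, addr: int, length: int) -> bool:
        # The whole burst must lie inside the window, not just its first beat,
        # or a burst starting in an allowed range could spill into a protected one.
        return self.base <= addr and addr + length <= self.base + self.size

@dataclass(frozen=True)
class Transaction:
    master: str   # bus master identifier (CPU core, DMA engine, accelerator)
    addr: int
    length: int   # bytes in the burst
    write: bool

@dataclass
class SecurityPolicyEngine:
    grants: Dict[str, List[Region]]  # master -> allowed windows; anything else is denied
    mitigation: Dict[str, str]       # master -> "block" or "isolate" (default "block")
    log: List[str] = field(default_factory=list)
    isolated: Set[str] = field(default_factory=set)

    def check(self, t: Transaction) -> str:
        """Return the bus response: OKAY when permitted, otherwise the error
        response chosen here for the master's mitigation (an assumption, not
        the paper's encoding): SLVERR for a blocked access, DECERR once the
        master has been isolated."""
        if t.master in self.isolated:
            return "DECERR"
        need = WRITE if t.write else READ
        if any(r.covers(t.addr, t.length) and r.perms & need
               for r in self.grants.get(t.master, [])):
            return "OKAY"
        action = self.mitigation.get(t.master, "block")
        self.log.append(f"violation: {t.master} {'W' if t.write else 'R'} "
                        f"0x{t.addr:08x}+{t.length} -> {action}")
        if action == "isolate":
            self.isolated.add(t.master)  # revoke all further bus access
            return "DECERR"
        return "SLVERR"

def demo() -> Tuple[List[str], List[str]]:
    # Constructed address map for a hypothetical SoC.
    keystore, framebuf, sensors = (0x4000_0000, 0x1000), (0x8000_0000, 0x10_0000), (0x5000_0000, 0x100)
    spe = SecurityPolicyEngine(
        grants={
            "crypto_engine": [Region("keystore", *keystore, READ)],
            "display_app":   [Region("framebuffer", *framebuf, READ | WRITE)],
            "sensor_dma":    [Region("sensors", *sensors, READ), Region("framebuffer", *framebuf, WRITE)],
        },
        mitigation={"display_app": "isolate", "sensor_dma": "block"},
    )
    txns = [
        Transaction("crypto_engine", 0x4000_0000, 32, False),  # legitimate key read
        Transaction("crypto_engine", 0x4000_0000, 32, True),   # write to a read-only window
        Transaction("sensor_dma", 0x5000_00F0, 32, False),     # burst runs past the sensor window
        Transaction("display_app", 0x8000_1000, 64, True),     # legitimate framebuffer write
        Transaction("display_app", 0x4000_0010, 16, False),    # app reads key storage: isolated
        Transaction("display_app", 0x8000_1000, 64, True),     # now refused: master is isolated
    ]
    return [spe.check(t) for t in txns], spe.log

if __name__ == "__main__":
    responses, log = demo()
    print(responses)
    print("\n".join(log))
```

Two points the run brings out: the range check has to cover the entire burst, otherwise a DMA master can start a read inside its window and run into a neighbouring protected region; and "isolate" is a containment choice with an availability cost, since once display_app has been cut off its later legitimate framebuffer write is refused too, so the mitigation chosen per master should reflect how critical that master is.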

A Holistic Systems Security Approach Featuring Thin Secure Elements for Resilient IoT Deployments

Sensors

IoT systems differ from traditional Internet systems in scale, footprint, power requirements, cost and security concerns, which are often overlooked. IoT systems inherently present different fail-safe capabilities than traditional computing environments while their threat landscapes constantly evolve. Further, IoT devices have limited collective security measures in place. Therefore, there is a need for different approaches in threat assessments to incorporate the interdependencies between different IoT devices. In this paper, we run through the design cycle to provide a security-focused approach to the design of IoT systems using a use case, namely an intelligent solar-panel project called Daedalus. We utilise STRIDE/DREAD approaches to identify vulnerabilities using a thin secure element, that is, an embedded, tamper-proof microprocessor chip that allows the storage and processing of sensitive data. It benefits from low power demand and small footprint as a...

IoTsecM: A UML/SysML Extension for Internet of Things Security Modeling

IEEE Access, 2021

In this paper, an approach referred to as IoTsecM is proposed. This proposal is a UML/SysML extension for security requirements modeling within the analysis stage in a waterfall development life cycle in a Model-Based Systems Engineering Approach. IoTsecM allows the security requirements representation in two very well-known modeling languages, UML and SysML. With the utilization of this extension, IoT developers can consider the security requirements from the analysis stage in the design process of IoT systems. IoTsecM allows IoT systems to be designed considering possible threats and the corresponding security requirements analysis. The applicability of IoTsecM is demonstrated through applying it to analyze and represent the security requirements in an IoT real-life system in the context of collaborative autonomous vehicles in smart cities. In this use case, IoTsecM was able to represent the security requirements identified within the system architecture elements, in which all countermeasures identified were depicted using the proposed IoTsecM profile.

A Novel Software Architecture Solution with a Focus on Long-Term IoT Device Security Support

Applied Sciences, 2021

This paper presents a solution for upgrading a previous device model to an Industry 4.0 smart device, with the goal of maintaining high compatibility. A novel IoT architecture is presented that satisfies the characteristics of a smart device. We analysed existing IoT architectures and proposed a new architecture to achieve long-term security and usability. To ensure long-term security, we eliminated the possibility of device configuration outside the immediate vicinity of the device with a dedicated protocol. The security concepts of the existing architectures were also analysed and further modified. To improve compatibility with previous device models, we propose a new method to collect data from sensors by introducing a multithreaded microcontroller. We propose additional software components to ensure factory programming, maintenance, and cloud Big Data analysis. Based on our experiments, we adapted the algorithm to increase the accuracy of the temperature and flow sensors by usin...

IoT Platforms and Security: An Analysis of the Leading Industrial/Commercial Solutions

Sensors, 2022

For simplifying and speeding up the development of the Internet of Things (IoT) ecosystem, there has been a proliferation of IoT platforms, built up according to different design principles, computing paradigms, technologies, and targets. This paper proposes a review of main examples populating the wide landscape of IoT platforms and their comparison based on the IoT-A reference architecture. In such a way, heterogeneous IoT platforms (both current and future) can be analyzed regardless of their low-level specifications but exclusively through the lens of those key functionalities and architectural building blocks that enable the interplay among devices, data flow, software, and stakeholders within the IoT ecosystem. Among these, security by design (i.e., the inclusion of security design principles, technology, and governance at every level) must be integrated into every tier, component, and application to minimize the risk of cyber threats and preserve the integrity of the IoT plat...