Аннотация.

В статье предлагается подход к выявлению экспертных знаний в области информационной безопасности встроенных устройств для их дальнейшего использования разработчиками встроенных устройств, в том числе в качестве входных данных автоматизированных инструментов проектирования и верификации встроенных устройств.

Ключевые слова:

безопасность встроенных устройств, проектирование и верификация встроенных устройств, экспертные знания, компоненты защиты.

Стр. 58-73.

V.A. Desnitsky, I.V. Kotenko

"The use of expert knowledge for development of secure systems with embedded devices"

The rapid increase of the quantity of embedded devices along with their huge circulation determine design challenges for their protection systems against a wide set of security threats. Due to the specificity of embedded devices the implementation of combined protection mechanisms needs effective resource consumption of their software/hardware modules. Design complexity of secure embedded devices is determined by low structuring and formalization of security knowledge. The paper proposes an approach to elicit security knowledge for subsequent use in automated design and verification tools for secure systems with embedded devices.

Keywords: embedded security, design and verification of embedded devices, expert knowledge, security components

Полная версия статьи в формате pdf.

REFERENCES

1.   Abraham D.G., Dolan G.M., Double G.P., Stevens J.V. Transaction  security  system  //IBM  Systems  Journal,30(2), 1991, pp.206–228.
2.   Agaskar A., He T., Tong L. Distributed Detection of Multi-hop Information Flows with Fusion Capacity Constraints // Signal Processing, IEEE Transactions on, vol.58, No. 6, 2010, pp.3373–3383.
3.  Arbaugh W.A., van Doorn L. Embedded security: chal- lenges and concerns // Computer journal, Vol. 34, No. 10, 2001, pp.40–41.
4.  Braghin C., Sharygina N., Barone-Adesi K. A model checking-based approach for security policy verification of mobile systems // Formal Aspects of Computing Journal, 2011, pp.627-648.
5.   Burleson W., Clark S.S., Ransford B., Fu K. Design challenges for secure implantable medical devices // Design Automation Conference (DAC), 49th ACM/EDAC/IEEE, 2012, pp.12-17.
6.   Chechulin A., Kotenko I., Desnitsky V. An Approach for Network Information Flow Analysis for Systems of Embedded Components // LNCS, Vol. 7531, 2012, pp.146-155.
7.   Cederquist J.G., Torabi D.M. An intruder model for verifying  liveness  in  security  protocols  //  Proceedings  of FMSE '06, 2006, pp.23-32.
8.   Desnitsky  V.,  Kotenko I.,  Chechulin A.  Configuration- based approach to  embedded device security //  LNCS, Vol. 7531, 2012, pp.270-285.
9.  Dick N., McCallum N. High-speed security Embedded security // Communications Engineer journal, Vol. 2, No. 2, 2004, pp.37-39.
10. Eisenring M., Thiele L., Zitzler E. Conflicting criteria in embedded system design // IEEE Design & Test of Computers journal, Vol.17, No. 2, 2000, pp.51-59.
11. Feigenbaum J., Freedman M., Tomas S., Shostack A. Privacy Engineering for Digital Rights Management Systems // Proceedings of the ACM Workshop on Security and Privacy in Digital Rights Management, 2001, pp.76–105.
12. Gogniat G., Wolf T., Burleson W. Reconfigurable Security Primitive for Embedded Systems // Proceedings of International Symposium on In System-on-Chip, 2005, pp. 23-28.
13. Grand J. Practical Secure Hardware Design for Embedded Systems // Proceedings of the 2004 Embedded Systems Conference, San Francisco, California, April 1, 2004.
14. Hedin  D.,  Sabelfeld A.  A  Perspective  on  Information-Flow // summer school Control Tools for Analysis and Verification of     Software     Safety     and     Security, Marktoberdorf, Germany, 2011.
15. Juengst  W., Heinrich M.  Using  Resource Balancing to Configure  Modular  Systems  //  Intelligent  Systems  and their Applications, IEEE Computer Society, Vol. 13, Issue 4, 1998, pp.50-58.
16. Knezevic M., Rozic V., Verbauwhede I. Design Methods for Embedded Security // Telfor Journal,  Vol. 1, No. 2, 2009.
17. Kocher P., Lee R., Mcgraw G., Ravi S. Security as a new dimension in embedded system design // Proceedings of the  41st  Design  Automation  Conference (DAC  ’04)  , 2004, pp.753-760.
18. Kommerling O., Kuhn M. Design principles for tamper-resistant  smartcard  processors   //   Proceedings  of   the USENIX  Workshop  on  Smartcard  Technology,  1999, pp.9–20.
19. Koopman P. Embedded System Security // IEEE Computer, No. 7, 2004.
20. Kotenko I., Polubelova O.Verification of Security Policy Filtering Rules by Model Checking // Proceedings of IEEE Fourth International Workshop on "Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications" (IDAACS'2011) , 2011, pp.706-710
21. Object   Management   Group,   The   UML   Profile   for MARTE: Modeling and Analysis of Real-Time and Embedded Systems, Version 1.1, 2011.
22. Moyers B.R., Dunning J.P., Marchany R.C., Tron J.G. Effects of Wi-Fi and Bluetooth Battery Exhaustion Attacks on Mobile Devices // Proceedings of the 43rd Hawaii International Conference on System Sciences (HICSS'10), IEEE Computer Society, 2010, pp.1-9.
23. Pieters W., Coles-Kemp L. Reducing normative conflicts in information security // Proceedings of the 2011 workshop on New security paradigms workshop, 2011, pp.11-24.
24. Pistoia M., Chandra S., Fink S., Yahav E. A Survey Of Static Analysis Methods for Identifying Security Vulnerabilities In Software Systems // IBM Systems Journal, 2007.
25. Rae A. J., Wildman L.P. A Taxonomy of Attacks on Secure Devices // Australian Information Warfare and IT Security, 20–21 November 2003, Australia, 2003, pp.251–264.
26. Rae A., Fidge C. Identifying Critical Components during In- formation Security Evaluations // Journal of Research and Practice in Information Technology, 2005, pp. 391–402.
27. Ravi S., Raghunathan A., Kocher P., Hattangady S. Security in Embedded Systems: Design Challenges // ACM Transactions on      Embedded      Computing      Systems,Vol.3,No.3, 2004, pp.461-491.
28. Ruiz J., Harjani R., Maña A., Desnitsky V., Kotenko I., Chechulin A. A Methodology for the Analysis and Modeling of Security Threats and Attacks for Systems of Embedded Components // Proceedings of the 20th Euromicro International Conference on Parallel, Distributed and Network-Based Computing (PDP2012). Munich, Germa- ny, February 15-17, 2012.
29. Ruiz  J.,  Rein  A.,  Arjona  M.,  Mana  A.,  Monsifrot  A., Morvan M. Security Engineering and Modelling of Set-Top Boxes // Proceedings of BioMedical Computing (BioMedCom),  2012  ASE/IEEE  International  Conference, 2012, pp.113-122.
30. Sabin D., Weigel R. Product configuration frameworks-a survey // Intelligent Systems and their Applications IEEE Computer Society, Vol.13, Issue 4, 1998, pp.42–49.
31. SecFutur. Design of Secure and energy-efficient embedded systems for Future internet applications, FP7 Project Web site, http://www.secfutur.eu.
32. Sprintson A., El Rouayheb S.,  Georghiades C. A  New Construction Method for Networks from Matroids // Proceedings of the 2009 Symposium on Information Theory (ISIT'09), 2009.
33. Wang Z., Johnson R., Murmuria R., Stavrou A. Exposing Security Risks for Commercial Mobile Devices // Computer Network Security, LNCS, Vol.7531, 2012, pp.3–2.
34. Wei G., Qin Y. An Approach of Product Configuration Based on Decision Tree and Minimum Conflicts Repair Algorithm // Proceedings of the International Conference on Information Management, Innovation Management and Industrial Engineering (ICII '09),Vol.1, 2009, pp.126-129.
35. Yu B., Skovgaard H. A Configuration Tool to Increase Product Competitiveness // IEEE Intelligent Systems 13, Vol. 4, 1998, pp.34-41.