Ecole d'ingénieur et centre de recherche en télécommunications

Enabling trusted scheduling in embedded systems

Jayaram Masti, Ramya; Marforio, Claudio; Ranganathan, Aanjhan; Francillon, Aurélien; Capkun, Srdjan

ACSAC 2012, 28th Annual Computer Security Applications Conference, December 3-7, 2012, Orlando, Florida, USA

The growing complexity and increased networking of security and safety-critical systems expose them to the risk of adversarial compromise through remote attacks. These attacks can result in full system compromise, but often the attacker gains control only over some system components (e.g., a peripheral) and over some applications running on the system. We consider the latter scenario and focus on enabling on-schedule execution of critical applications that are running on a partially compromised system --- we call this trusted scheduling. We identify the essential properties needed for the realization of a trusted scheduling system and we design an embedded system that achieves these properties. We show that our system protects not only against misbehaving applications but also against attacks by compromised peripherals. We evaluate the feasibility and performance of our system through a prototype implementation based on the AVR ATmega103 microcontroller.

Document Doi Bibtex

Type:Conférence
Langue:English
Ville:Orlando
Pays:ÉTATS-UNIS
Date:
Département:Réseaux et Sécurité
Eurecom ref:3786
Copyright: © ACM, 2012. This is the author's version of the work. It is posted here by permission of ACM for your personal use. Not for redistribution. The definitive version was published in ACSAC 2012, 28th Annual Computer Security Applications Conference, December 3-7, 2012, Orlando, Florida, USA http://dx.doi.org/10.1145/2420950.2420960
Bibtex: @inproceedings{EURECOM+3786, doi = {http://dx.doi.org/10.1145/2420950.2420960}, year = {2012}, title = {{E}nabling trusted scheduling in embedded systems}, author = {{J}ayaram {M}asti, {R}amya and {M}arforio, {C}laudio and {R}anganathan, {A}anjhan and {F}rancillon, {A}ur{\'e}lien and {C}apkun, {S}rdjan}, booktitle = {{ACSAC} 2012, 28th {A}nnual {C}omputer {S}ecurity {A}pplications {C}onference, {D}ecember 3-7, 2012, {O}rlando, {F}lorida, {USA} }, address = {{O}rlando, {\'{E}}{TATS}-{UNIS}}, month = {12}, url = {http://www.eurecom.fr/publication/3786} }
Voir aussi: