Title page for ETD etd-09242012-185941


Type of Document Dissertation
Author Farag, Mohammed Morsy Naeem
Author's Email Address mmorsy@vt.edu
URN etd-09242012-185941
Title Architectural Enhancements to Increase Trust in Cyber-Physical Systems Containing Untrusted Software and Hardware
Degree PhD
Department Electrical and Computer Engineering
Advisory Committee
Advisor Name Title
Patterson, Cameron D. Committee Chair
Martin, Thomas L. Committee Member
Mortveit, Henning S. Committee Member
Ravindran, Binoy Committee Member
Riad, Sedki Mohamed Committee Member
Rizk, Mohamed Committee Member
Keywords
  • Hardware Trojans
  • Reconfigurable Hardware
  • Embedded Systems Security
  • Cognitive Radio
  • Trusted Computing
  • Cyber-Physical Systems
  • Process Control Systems
Date of Defense 2012-09-17
Availability unrestricted
Abstract
Embedded electronics are widely employed in cyber-physical systems (CPSes), which tightly integrate and coordinate computational and physical elements. CPSes are extensively deployed in security-critical applications and nationwide infrastructure. Perimeter security approaches to preventing malware infiltration of CPSes are challenged by the complexity of modern embedded systems incorporating numerous heterogeneous and updatable components. Global supply chains and third-party hardware components, tools, and software limit the reach of design verification techniques and introduce security concerns about deliberate Trojan inclusions. As a consequence, skilled attacks against CPSes have demonstrated that these systems can be surreptitiously compromised. Existing run-time security approaches are not adequate to counter such threats because of either the impact on performance and cost, lack of scalability and generality, trust needed in global third parties, or significant changes required to the design flow.

We present a protection scheme called Run-time Enhancement of Trusted Computing (RETC) to enhance trust in CPSes containing untrusted software and hardware. RETC is complementary to design-time verification approaches and serves as a last line of defense against the rising number of inexorable threats against CPSes. We target systems built using reconfigurable hardware to meet the flexibility and high-performance requirements of modern security protections. Security policies are derived from the system physical characteristics and component operational specifications and translated into synthesizable hardware integrated into specific interfaces on a per-module or per-function basis. The policy-based approach addresses many security challenges by decoupling policies from system-specific implementations and optimizations, and minimizes changes required to the design flow. Interface guards enable in-line monitoring and enforcement of critical system computations at run-time. Trust is only required in a small set of simple, self-contained, and verifiable guard components. Hardware trust anchors simultaneously addresses the performance, flexibility, developer productivity, and security requirements of contemporary CPSes.

We apply RETC to several CPSes having common security challenges including: secure reconfiguration control in reconfigurable cognitive radio platforms, tolerating hardware Trojan threats in third-party IP cores, and preserving stability in process control systems. High-level architectures demonstrated with prototypes are presented for the selected applications. Implementation results illustrate the RETC efficiency in terms of the performance and overheads of the hardware trust anchors. Testbenches associated with the addressed threat models are generated and experimentally validated on reconfigurable platform to establish the protection scheme efficacy in thwarting the selected threats. This new approach significantly enhances trust in CPSes containing untrusted components without sacrificing cost and performance.

Files
  Filename       Size       Approximate Download Time (Hours:Minutes:Seconds) 
 
 28.8 Modem   56K Modem   ISDN (64 Kb)   ISDN (128 Kb)   Higher-speed Access 
  Farag_MM_D_2012.pdf 2.61 Mb 00:12:04 00:06:12 00:05:25 00:02:42 00:00:13
  Farag_MM_D_2012_Copyright_1.pdf 885.90 Kb 00:04:06 00:02:06 00:01:50 00:00:55 00:00:04

Browse All Available ETDs by ( Author | Department )

dla home
etds imagebase journals news ereserve special collections
virgnia tech home contact dla university libraries

If you have questions or technical problems, please Contact DLA.