K.S.

RANGASAMY COLLEGE OF TECHNOLOGY

TIRUCHENGODE -637215

PAPER PRESENTATION ON

FUZZY LOGIC
THE FUZZY INTEGRATED EVALUATION OF EMBEDDED SYSTEM SECURITY
Submitted By K.POOR NIMA, III-YEAR(ECE), P !"#$%.&%'#&!#()"%"*+$%#,.- $.

..NEERA.A/ III-YEAR0ECE1/ "22!%3%3%+%"*+$%#,.- $ .

T)2 F4556 I"72+!%728 E'%,4%7# " 9 E$:28828 S6(72$ S2-4!#76

Abstract
The embedded systems field has laid a significant mark with an astounding rapid growth, ranging from low-end systems such as cellular phones, PDAs, smart cards to high-end systems such as gateways, firewalls, storage servers, and web server. Thus Security of embedded system becomes a paramount issue in embedded system design. ompared to an embedded system!s functionality and other design metric, security is currently specified by system architects in a vague and imprecise manner. "ur paper proposes a fu##y integrated security evaluation method based on mancomputer combined data collection and fu##y e$pert evaluation in !e"#$i met$%d. The method could reduce the sub%ectivity of e$pert evaluation and alleviate the difficulty of data collection and makes possible a better combination of &ualitative and &uantitative evaluations. 'irstly, the hierarchy structure model of embedded system security is constructed. Secondly, according to data collected and the evaluation comment of each e$pert, the sub%ection degree matri$ is constructed. 'inally, a new concept of (de&ree %' assura(ce) is presented for the &uantificational evaluation of embedded system security. *n this paper a study of a wireless bi%metric aut$e(ticati%( de)ice is also shown. The case illustrates that the method can be easily used and its results conform to the actual situation. consequences of exploiting their security vulnerabilities can go beyond mere annoyance to significant societal disruption. Successful attacks have been reported on the US Power rid and the sewer system of !ustralia"s #aroochy Shire $ouncil. %ther incidents such as a worm infection have affected the &avis'(esse )uclear Power Plant and $S* +ailroad $orp. To deal with such security threats we need to evaluate the security of embedded system. The security evaluation of embedded system is a process in which the risk factors of the system are analy,ed and explained. The basic goal of the security evaluation is to control the risk in acceptability. Security factors of embedded system include the areas of cryptography, computing, networking and others. -owever, security is not considered as the addition of features such as specific cryptographic algorithms and security protocols. .n reality, the security architecture of embedded system should be more complex. (y the reason of the uncertainty of the evaluation factors, the fu,,y logic method is used . .n this paper an improved fu,,y method is proposed to solve the security evaluation.

2. R2<4#!2$2"7( 9 2$:28828 (6(72$( (2-4!#76;

Security of embedded systems is different from enterprise and desktop computing because embedded systems perform under constrained resources such as power and memory and are easily accessible at the physical layer. ! common security requirements model of embedded systems is provided . The model considers security from a function centric perspective into system architecture.

1. I"7! 84-7# ";

There is increasing concern of the security threats embedded systems ,because they can effect changes in the physical world, the

technology. To construct security evaluation model, firstly evaluation factors are recogni,ed, then data is collected through man'computer method, at last based on fu,,y sub5ection theory and &elphi method qualitative evaluation is transferred to quantitative evaluation.

3.1 T)2 !2- +"#7# " 2'%,4%7# " F%-7 !(

(2-4!#76

!ccess to the embedded system should be restricted to a selected set of authori,ed users /user identification0, while access to a network or a service has to be provided only if the device is authori,ed /secure network access0. The availability of the embedded system from malicious entities could result in a degradation of performance or complete denial of service to legitimate users. 1mbedded system security need protect critical or sensitive information /code or data0 throughout its lifetime. Secure storage involves securing information in the embedded system2s storage devices, external or internal to the system. 3inally, tamper resistance refers to the desire to maintain these security requirements even when the device falls into the hands of malicious parties and can be physically or logically probed.

.n the evaluation of embedded system security, we encounter problems such as the complication of security factors and difficulty of data collection. There is no single method to solve these problems. 4e need an integrated evaluation method which comprises expert evaluation, statistical information and compute technology. To construct security evaluation model, firstly evaluation factors are recogni,ed, then data is collected through man'computer method, at last based on fu,,y sub5ection theory and &elphi method qualitative evaluation is transferred to quantitative evaluation.

3.1.1 T)2 !2- +"#7# " 2'%,4%7# " F%-7 !(;

(2-4!#76

&ue to these unique characteristics of embedded system security, we can"t solve embedded security at a single level of abstraction. 4ith the reference of security pyramid model , we give the recognition of security evaluation factors in a three level hierarchy model as following figure.

3. M 82, 9 2$:28828 (6(72$ (2-4!#76 2'%,4%7# "

.n the evaluation of embedded system security, we encounter problems such as the complication of security factors and difficulty of data collection. There is no single method to solve these problems. 4e need an integrated evaluation method which comprises expert evaluation, statistical information and compute

F#+4!26.T)!22 ,2'2, )#2!%!-)6 (2-4!#76 $ 82,

opinion feedback /!dler and 7iglio, 899:0. !ccording to -elmer /89;;0 &elphi represents a useful communication device among a group of experts and thus facilitates the formation of a group 5udgment . (ased on data colleted experts make evaluations relying on their individual competence and are sub5ective, &elphi method is utili,ed to ad5ust the fu,,y evaluation of each expert to achieve the consensus condition of the all experts consistent.

3.2 M%"-- $=472! - $:#"28 8%7% - ,,2-7# ";

+easonable evaluation should be based on data collected. !pplied with .T technology including computer log system, automatic audit system, much of security data could be automatically collected such as power consumption and area occupation. Using computer technology can bring benefits. 3irstly it could reduce the sub5ectivity of expert evaluation and make the evaluation method more scientific and ob5ective. Secondly it alleviates the human workload in data collection which not only cuts down the cost of human labor but also improves the veracity and the coverage of data collection. %n the occasions that data could not be automatically collected by computer such as situations about cryptographic algorithm and hardware design, questionnaire survey and %n' the'spot investigation also could be applied.

F, ?-)%!7 9 ! 7)2 D2,=)# M27) 8;

3.3 E>=2!7 $27) 8;

2'%,4%7# "

#"

D2,=)#

3.@ I"72+!%728 F4556 E'%,4%7# ";

The ma5or steps of evaluation are as the following. S72=1. $onstruct the hierarchical structure. The top layer is the focus of the goal, and the bottom level, consists of the alternatives under evaluation. The factors and any sub'factors used to make the decision comprise the middle levels. The factors is divided into s subsets which
4

The ob5ective of most &elphi applications is the reliable and creative exploration of ideas or the production of suitable information for decision making. The &elphi #ethod is based on a structured process for collecting and distilling knowledge from a group of experts by means of a series of questionnaires interspersed with controlled

defined as <8,<6=<S /<i<5>?/8@i,5@s iA500. 1ach subset <i is constructed by the factors in the next level denoted as *in, so the characteristic vector of each subset <i is presented by the expression. Y#A0B#1/B#2/C/B#"1

4eighted average means is applied to each vector (i to take valuable information of each evaluation into account. The expression

S72=2. $onstruct the 5udge set. The expert

group which is composed of embedded system experts, embedded system designer and end users provides all the 5udgments of the set. Suppose the 5udge set has m 5udgments, 5udge set B is VA DV 1/ V 2/C/ V $E. S72=3. (uild fu,,y evaluation matrix. 4e can construct the fu,,y reflection fC <D3/B0, < is the whole of the factor set and 3/B0 is the whole of the fu,,y set in B. The reflection f means the degree of the support from the factor <i to each 5udgment in the 5udge set . The sub5ection vector of <i to the 5udge set B is R#A 0!#3/&1 "F$0#A1/2/.(G 3A1/2./"G &A1/2/C/$1. ri5,k is the sub5ection degree of factor xi5 to 5udgment B k given by expert which meets therequirements that the range of the value is EF, 8G and the count of values Hri5 >8.

S72=6. $alculate the whole fu,,y evaluation.

1ach subset <i is treated as a single element and (i is treated as evaluation vector of <i, The fu,,y evaluation matrix

+eferred with priority weight vector of each subset ! which is represented AA 0%1/%2/C/%(0 ,the final evaluation TAAHBA071/72/C/7$1 is calculated.

3.5 I4%"7#9#-%7# "%, 2'%,4%7# " !2(4,7 9 (2-4!#76;

.t is difficult to give quantificational result to final evaluation. To achieve a quantificational evaluation result, the degree of assurance is introduced which is denoted as . To calculate , 5udge set B should be quantified first. 3or example, 5udgment IBery -ighI would be evaluated as 8FF. Juantified 5udge set

S72=@. 1stimate the normali,ed priority weights. The priority weight vector of subsets is presented by the expression. A#A 0%#1/%#2/C/%#"1

There are several methods such as !-P method and dual correlation function method to give priority weights. !ccording to the particularity of embedded system security, in the case of this paper the weights are given by experts in &elphi method.

S72=5.

$alculate evaluation vector (i corresponding to subset <i. The calculation formula is B#AA#HR#A 0:#1/:#2/C/:#$1.

@. T)2 -%(2; .n this paper, we give a case of a wireless biometric authentication device which is to facilitate secure biometric authentication between a user and a server in applications such as intelligent keys, credit card. ! user enters acclaimed identity which is stored in the device into a server. !fter the server validates themclaimed identity, the user impresses a
5

fingerprint on the server"s sensor. The server extracts the fingerprint"s unique features and matches them with apreviously stored template. The server decides to corroborate or deny the user"s claimed identity based on a matching threshold..n this case the hierarchy structure is constructed firstlyK evaluation factors are divided into four subsets which are Protocol, !lgorithm, !rchitecture and +esource. Sub' factors and the alternatives under evaluation are shown as Tables 8 /priority weight in the brackets0. The 5udge set B is VA DV 1/ V 2/ V 3/ V @/ V 5L which shows the risk probability level. .ts meaning is I B 8 Bery -igh, B 6 -igh, B M #edium , B N Oow , B P Bery OowI.

C!6=7 +!%=)#- A,+ !#7)$;

A!-)#72-74!2C

S 97?%!2 %"8 )%!8?%!2 D2(#+"; C%,-4,%72 2'%,4%7# " '2-7 ! B#;

(8>!8Q+8> /F.6:F F.M:P F.6;P F.8FF F.FFF0, (6>!6Q+6> /F.6:F F.M8F F.M:F F.F;F F.FFF0, (M>!MQ+M> /F.6PP F.6:P F.6RF F.F9F F.88F0, (N>!NQ+N> /F.NFF F.6;P F.66P F.8FF F.FFF0, The final evaluation T is also calculated as TAAHBA0J.27K J.2K5 J.2K5 J.JL7 J.J@@ 1 +eferred with the definition in section M.P,5udge set B is quantified as V MAD1JJ LJ 6J @J 2JE. The degree of assurance GATHVMA73.56. Suppose it defines the value from F to MF to be very dangerous, from M8 to :F to be unsafe, from :8 to ;F to be normally safe, from ;8 to RP to be well guarded, from R: to 8FF to be perfect, The security of the embedded device in this case is normally safe but it need improves and reinforced.

R2( 4!-2(;

The experts make 5udgments of the sub5ection to the 5udge set B. 1valuation matrixes +8, +6, +M and +N areC

5. C "-,4(# ";
The security evaluation of embedded system is the need of the hour because embedded systems can effect changes in our physical world, the consequences of exploiting their security vulnerabilities can be significant to the society. .n this paper, an integrated evaluation method of embedded system security is presented. 1ach risk factor is estimated by the experts and for calculating the quantificational security evaluation of the whole system, the degree of assurance is introduced. The case result in this paper shows that the proposed method is scientific and tally with the actual situation.

R292!2"-2(;
E8G -wang, &.&.K Schaumont, P.K Tiri, S.K Berbauwhede, .., ISecuring embedded systems,I Security + Privacy ,aga#ine, *--- , vol.N, no.6, pp. NF'N9, #arch'!pril 6FF: E6G The &elphi #ethod &efinition and -istorical (ackground 6FF;, available at httpCTTwww. iit.eduUitTdelphi.html, 6FF;'88'6F. EMG The &elphi #ethod 6FF;, available at httpCTTwww.ryerson.caTUm5oppeT+esearch Process RN8The&elphi#ethod.htm, 6FF;'88'68. E NG 4eaver, )., Paxson, B., Staniford, S., and $unningham, +. 6FFM. ! taxonomy of computer worms. .n Proceedings of the 6FFM !$# 4orkshop on +apid #alcode /4ashington, &$, US!, %ctober 6; ' 6;, 6FFM0. 4%+# 2FM. !$# Press, )ew <ork, )<, 88'8R EPG #ustafa # !, 3!.'(ahar V, Pro5ect risk assessment using the analytic hierarchy process, .111 Transactions on 1ngineering #anagement, vol.MR, no.8, pp.N:'P6, 8998. .