Professional Documents
Culture Documents
A Review Paper: Embedded Security
A Review Paper: Embedded Security
A Review Paper: Embedded Security
ISSN No:-2456-2165
Abstract:- Embedded devices has its hands over all II. METHODOLOGIES
fields, however they are easily vulnerable for external
attacks, any third party can easily cause its system to fail All embedded systems consist of inbuilt code running
by modifying any one of the component that they within it, for the proper functioning of the embedded system
depend. Further the codes that these devices execute are it is necessary that these codes are executed completely
more vulnerable to the attacks as a single change in its without any change in its flow of execution. The attackers
execution can change its behaviour. Therefore it is can easily make the system to fail by changing its flow in its
necessary that these devices are highly secured. Security execution; thereby it is necessary to maintain some methods
can be increased at the design level to be more hard to to check if there is any malicious code running behind i.e
external attacks, further continuous monitoring of the checking if there is any eviation from its normal flow.
codes provide means of checking if any harmful codes
are executed. This paper provides a review of the A. IC Metric Detection
existing methods to detect if the code being executed is IC metrices are unique identifiers which are generated
malicious or not thereby deciding whether to allow or with the specific program. The program counter value and
stop the execution also few design strategy which could the number of cycles per instruction are selected as the IC
increase the security of the embedded devices. metric features from which the unique characteristics of the
system could be determined. The PC value can be captured
I. INTRODUCTION at any time during the execution of the program; however a
large number of data has to be processed for the feature
Embedded security is a major part to be careful, as extraction which degrades the system performance. In CPI
they span over a vast area. Mistakes could lead to many more instructions could be analysed in less interval of time.
hazardous like property damage, security breaches, personal
injury and even death. Increasing the security of the system p, q are the program running on hardware f and f (p)
will cause an increase in the cost. To have a advantage over is the set of characteristics extracted from p, Then f (p) is
the market by cutting the security corners will be dangerous, the IC metrics of p, only if the following two conditions
as many of them are with real time deadlines even a small are satisfied:
extra delay will make it vulnerable. Being energy operated 1) f (p) is obtained from p running on f .
systems draining the battery of the system can cause the 2) Program q is a copy of p => f (p) = f (q).
system failure. Embedded systems are available in many The Average CPI is calculated based from (1):
forms which can be easily programmed to waste the CPI=C/I (1)
resources and even cause destruction. Privacy can also be Where i is the total number of executed instructions, c
easily exploited by attackers, this serves as a major problem is the number of cycles for executing i instructions.
when it comes with military details. Thus security of
embedded systems stays as a major threat in spite of the In [1] CPI value is taken for 10000 instructions per
developments. interval, choosing a interval of lesser instructions per cycle
yields more features about the program. The information
The need for the secure embedded devices stands as a derived from the CPI at specific window interval is treated
major factor with its development. The codes executed as the base and other malicious code running with not
could be easily altered; therefore it is necessary to provide predicting the same level of CPI there by further execution
some means of checking to check if the code being executed of the code is prevented.
is completely normal. If there is any presence of malicious
code running then the system should be stopped and In [2] a self-organising maps (SOM)-based approach
prevented from further execution. is used to increase the security level of embedded system by
detecting abnormal program behaviour. Cycle per
Instruction (CPI) is used to extract corresponding Program
Counter (PC) values, and use it as IC Metrics features for
correct program identification, allowable to execute on the
embedded architecture, and an unsupervised Self-
Organising Map (SOM) is used to classify the behaviour of