Universität Paderborn » SFB 901 » Events


Talk given by Prof. Dr. Christophe Bobda (University of Arkansas at Fayetteville)

Begin: Wed, 06. of Apr 2016 ( 4:00 PM)
Location: Fürstenallee 11, Room F0.530


Protection of sensitive data in networked and embedded systems has become a critical problem with far-reaching financial and societal implications. Malicious components can be either software code planted in the memory anytime during or after system design, or hardware modules also known as hardware Trojan, built into the chip at design and fabrication time to exploit system vulnerabilities, and gain access to critical resources through control or non-control data, overwrite program code or data structures, leak critical information or launch malicious code. Static approaches for security mitigation assume a fixed hardware infrastructure and use intense simulation, verification and physical tests to detect the presence of malicious components. This limits mitigation possibilities and increase detection efforts, time, and costs. Dynamic methods rely on cryptosystems and tools such as dynamic information flow tracking (DIFT) to tag (taint) memory data from untrusted sources, such as I/O networks, and keyboards, and track its propagation through the system to prevent non-authorized data access.

We first present and discuss an integrated hardware/software architecture to enforce security in networked workstations and embedded devices such as printers and microscopes. Those devices are usually connected to the Internet without protection, at the mercy of attackers. Our solution operates as an intermediate isolation and protection module (IPM) between the network and the device to be protected. The IPM can be implemented as a dedicated IP on a system-on-chip, or as a separate chip to analyze incoming and outgoing traffic for malicious activities, in a transparent way to the device under protection. We then discuss a novel approach called “hardware sandboxing” for mitigation of hardware Trojan in Systems-on-Chip. With the assumption that Trojans can cause harm only when they are activated, the goal is to avoid cumbersome and sometimes destructive pre-fabrication and pre-deployment tests for Trojans in SoCs, by building systems capable of capturing Trojan activation or simply nullifying their effect at run-time to prevent damage to the system. To reach this goal, non-trusted IPs and COTS are executed in sandboxes with checkers and virtual resources. While checkers are used to detect run-time activation of Trojans and mitigate potential damage to the system, virtual resources are provided to IPs in the sandbox, thus preventing direct access to physical resources.

The talk will discuss design and implementation challenges as well as optimization, current results and future work.