Embedded Policing and Policy Enforcement Approach for Future Secure IoT Technologies

2018 31st IEEE International System-on-Chip Conference (SOCC)

2018

Complex embedded systems often contain hard to find vulnerabilities which, when exploited, have potential to cause severe damage to the operating environment and the user. Given that threats and vulnerabilities can exist within any layer of the complex ecosystem , OEMs face a major challenge to ensure security throughout the device life-cycle To lower the potential risk and damage that vulnerabilities may cause, OEMs typically perform application threat analysis and security modelling. This process typically provides a high level guideline to solving security problems which can then be implemented during design and development. However, this concept presents issues where new threats or unknown vulnerability has been discovered. To address this issue, we propose a policy-based security modelling approach, which utilises a configurable policy engine to apply new policies that counter serious threats. By utilising this approach, the traditional security modelling approaches can be enhanced and the consequences of a new threat greatly reduced. We present a realistic use case of connected car, applying several attack scenarios. By utilising STRIDE threat modelling and DREAD risk assessment model, adequate policies are derived to protect the car assets. This approach poses advantages over the standard approach, allowing a policy update to counter a new threat, which may have otherwise required a product redesign to alleviate the issue under the traditional approach.

show abstract

Section: Related-workmentioning

confidence: 67%

“…2) Hardware-based policy engine (HPE) architecture: Siddiqui et al have presented a hardware-based policy engine (HPE), a system architecture that checks the approved list of devices and either grants or restrict access to the device [21].…”

Section: B Policy Enforcement Approachmentioning

confidence: 99%

Policy-Based Security Modelling and Enforcement Approach for Emerging Embedded Architectures

2018 31st IEEE International System-on-Chip Conference (SOCC)

2018

show abstract

“…The concept of applying access control policy has further been explored within hardware. Siddiqui et al [22] detailed a pro-active, policy based hardware enforcement mechanism known as a Security Policy Engine. This hardware based approach offers independent monitoring of transactions on the system communication bus, providing an additional layer of security that can protect the device when, for example, software based protections have been bypassed or compromised.…”

Section: Additional Techniques and Methodologiesmentioning

confidence: 99%

Enforcing Policy-Based Security Models for Embedded SoCs within the Internet of Things

2018 IEEE Conference on Dependable and Secure Computing (DSC)

et al. 2018

“…A detailed SoC platform architecture [29], [30] and security modelling approach [31] that realises the proposed characteristics and embedded security requirements has been defined and implemented.…”

Section: B Architectural Components To Secure Next-generation Edge Tmentioning

confidence: 99%

Enhancing Security and Privacy of Next-Generation Edge Computing Technologies

2019 17th International Conference on Privacy, Security and Trust (PST)

2019