Pro-Active Policing and Policy Enforcement Architecture for Securing MPSoCs

2020 IEEE 33rd International System-on-Chip Conference (SOCC)

2020

Self Cite

In recent years, the proliferation of intelligent embedded technologies is opening venues to new service and computing models, providing diverse socio-economic benefits. These intelligent technologies are giving rise to a wide range of public and private applications by sharing and analysing generated data. This includes smart home, smart health, smart city, autonomous vehicles, smart grid and smart manufacturing etc. However, where this sharing of data brings benefits and opportunities, it simultaneously presents security risks and challenges. The realisation and prototyping of such technologies require a computing hardware widely available in the form of an embedded platform. The security perimeter and the attack surface of these platforms rely on their supported security and defence mechanisms. This paper aims to build a body-of-knowledge in this area for the security research community. It present the state-of-theart security frameworks and architectures, discuss architectural shortcomings and root-causes of leading security technologies rather than discussing vulnerabilities and attacks. The paper concludes advocating secure-by-design platform approach and classifying platform security methods to realise robust embedded platform security architecture.

Section: Evolution Of Embedded Platform Securitymentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Evolution of Embedded Platform Security Technologies: Past, Present & Future Challenges

2020 IEEE 33rd International System-on-Chip Conference (SOCC)

2020

Self Cite

“…A detailed SoC platform architecture [29], [30] and security modelling approach [31] that realises the proposed characteristics and embedded security requirements has been defined and implemented.…”

Section: B Architectural Components To Secure Next-generation Edge Tmentioning

confidence: 99%

Enhancing Security and Privacy of Next-Generation Edge Computing Technologies

Hagan

2019 17th International Conference on Privacy, Security and Trust (PST)

2019

Self Cite

The advent of high performance fog and edge computing and high bandwidth connectivity has brought about changes to Internet-of-Things (IoT) service architectures, allowing for greater quantities of high quality information to be extracted from their environments to be processed. However, recently introduced international regulations, along with heightened awareness among consumers, have strengthened requirements to ensure data security, with significant financial and reputational penalties for organisations who fail to protect customers' data. This paper proposes the leveraging of fog and edge computing to facilitate processing of confidential user data, to reduce the quantity and availability of raw confidential data at various levels of the IoT architecture. This ultimately reduces attack surface area, however it also increases efficiency of the architecture by distributing processing amongst nodes and transmitting only processed data. However, such an approach is vulnerable to device level attacks. To approach this issue, a proposed System Security Manager is used to continuously monitor system resources and ensure confidential data is confined only to parts of the device that require it. In event of an attack, critical data can be isolated and the system informed, to prevent data confidentiality breach.

“…A detailed System-on-Chip (SoC) platform architec-ture [28], [35] and security modelling approach [25] that realises the proposed embedded microarchitectural characteristics of a cyber resilient embedded system have been published.…”

Section: ) An Independent Active Runtime System Securitymentioning

confidence: 99%

Establishing Cyber Resilience in Embedded Systems for Securing Next-Generation Critical Infrastructure

Hagan

2019 32nd IEEE International System-on-Chip Conference (SOCC)

2019

Self Cite

The mass integration and deployment of intelligent technologies within critical commercial, industrial and public environments have a significant impact on business operations and society as a whole. Though integration of these critical intelligent technologies pose serious embedded security challenges for technology manufacturers which are required to be systematically approached, in-line with international security regulations. This paper establish security foundation for such intelligent technologies by deriving embedded security requirements to realise the core security functions laid out by international security authorities, and proposing microarchitectural characteristics to establish cyber resilience in embedded systems. To bridge the research gap between embedded and operational security domains, a detailed review of existing embedded security methods, microarchitectures and design practises is presented. The existing embedded security methods have been found ad-hoc, passive and strongly rely on building and maintaining trust. To the best of our knowledge to date, no existing embedded security microarchitecture or defence mechanism provides continuity of data stream or security once trust has broken. This functionality is critical for embedded technologies deployed in critical infrastructure to enhance and maintain security, and to gain evidence of the security breach to effectively evaluate, improve and deploy active response and mitigation strategies. To this end, the paper proposes three microarchitectural characteristics that shall be designed and integrated into embedded architectures to establish, maintain and improve cyber resilience in embedded systems for next-generation critical infrastructure.