Abstract. With the rapid development of embedded systems, the systems' security has become more and more important. Most embedded systems are at the risk of series of software attacks, such as buffer overflow attack, Trojan virus. In addition, with the rapid growth in the number of embedded systems and wide application, followed embedded hardware attacks are also increasing. This paper presents a new hardware assisted security mechanism to protect the program's code and data, monitoring its normal execution. The mechanism mainly monitors three types of information: the start/end address of the program of basic blocks; the lightweight hash value in basic blocks and address of the next basic block. These parameters are extracted through additional tools running on PC. The information will be stored in the security module. During normal program execution, the security module is designed to compare the real-time state of program with the information in the security module. If abnormal, it will trigger the appropriate security response, suspend the program and jump to the specified location. The module has been tested and validated on the SOPC with OR1200 processor. The experimental analysis shows that the proposed mechanism can defence a wide range of common software and physical attacks with low performance penalties and minimal overheads.
The security of embedded systems has attracted much attention as they are being used in more and more fields in people's life. Traditional technologies to protect the normal program execution are often software-based and they mainly focus on the protection of application code. In this paper, a hardware assisted framework is proposed to protect the program data validation at run-time. It divides the data into static data and dynamic data according to whether its values and spaces are constant or not. We extract the static data previously and get its validation information before the program runs. Since the information of static data stay constant during the execution, any deviation from it in the real-time data validation can be detected dynamically. Attacks to the integrity of dynamic data are defended by checking the data validation according to the store and load instructions at run-time. CRC algorithm is used in this proposal to compromise the security checking and resource consumption. The experimental result shows our proposed technique can protect program data validation with an acceptable resource overhead.
Abstract. With the development of molecular biology and gene-engineering technology, gene diagnosis has been an emerging approach for modern life sciences. Biological marker, recognized as the hot topic in the molecular and gene fields, has important values in early diagnosis, malignant tumour stage, treatment and therapeutic efficacy evaluation. The design of markers detection genetic circuit system for lung cancer is presented as a new method to provide basis for early warning and therapy. The system consists of three singlemarker detection circuits and an integration circuit. The single-marker detection circuit provides an instantaneous low level when target marker's concentration reaches the threshold. The integration circuit uses gene and gate to complete the output data fusion from single-marker detection circuit through logic operations to finish the combined detection. All the structure is modelled and analyzed by iBioSim through the biochemical reactions of different gene circuits. The experimental result indicates that the whole lung cancer detection system can realize joint detection of tumor markers with good stability and sensitivity.
Embedded security monitoring module is a dedicated hardware that runs parallel with the embedded processor, which is used to monitor the integrity of the data and code to enhance program execution security of embedded system. It uses hardware-supported methods computing a hash value of instructions with the hash algorithm as an official reference value to prevent malicious attacks on the program code. This paper analyzed possible hash algorithm attacks on instructions, and did the prevention research for the most effective attack, the Rainbow table. In this paper we designed a protection mechanism by adding the interference information to each of instructions, making the attacker's burden greatly increase, so as to enhance the security of monitoring model, and to achieve protection of instruction information.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.