Embedding Security into Embedded Systems
|Event Date:||March 24, 2008|
|Speaker:||Dr. Anand Raghunathan|
|Speaker Affiliation:||NEC Laboratories America|
|Contact Name:||Profs Kaushik Roy and Yung-Hsiang Lu
|Contact Phone:||765-494-2361 or 765-4942-668
|Contact Email:||firstname.lastname@example.org or email@example.com
|Open To:||ACCEPTABLE FOR ECE694A
Our experiences with personal computers and the Internet have clearly identified information security as a paramount challenge. There is increasing consensus that embedded systems represent the next frontier in the information security battle. They are used pervasively in our lives, and often contain sensitive personal data such as our identity and purchasing power, in addition to performing several safety-critical functions (examples include mobile phones, MP3 players, automotive electronics, avionics, medical appliances, sensors, and RFID tags). They are increasingly powered by complex software that inevitably will contain vulnerabilities, and are networked, making them remotely accessible – the very risk factors that made their general-purpose brethren the targets of numerous security attacks. Furthermore, they often have unique usage models and constraints, introducing new threats or rendering conventional solutions inapplicable. Embedded system security concerns, unless adequately addressed, can impede the adoption and usage of many electronic products, applications, and services.
In this talk, I will introduce embedded system security challenges, and argue that effective security solutions can be realized only if they are built-in at various stages of the design process (architecture, HW design, and SW development). The objectives of secure embedded system design will be defined, from the designer's perspective, as addressing "gaps" such as (i) the assurance gap, which refers to the gap between functional security measures and truly secure implementations, (ii) the security processing gap, which arises due to the processing requirements of the additional computations that must be performed for security, and (iii) the battery gap, which is a consequence of the energy consumed in security-related functions. I will provide an overview of our research in this area, covering both embedded system architectures that address these gaps and methodologies that assist in their design. I will use mobile appliances (mobile phones, PDAs) to illustrate secure embedded system design challenges, and describe MOSES, a security platform that we have developed and deployed in NEC's next-generation mobile phones.
Dr. Anand Raghunathan is a Senior Researcher at NEC Laboratories America,
Dr. Raghunathan has authored a book, eight book chapters, over 150 conference and journal papers, and 23 U.S patents, and has presented several invited talks and conference tutorials in these areas. He has received six best paper awards at leading IEEE and ACM conferences, NEC's Patent of the Year and Technology Commercialization awards, and IEEE's meritorious service award. He was selected by MIT Technology Review among the "TR35" top young innovators in 2006 for his work on mobile appliance security. He has served as Program and General Chair for the International Symposium on Low Power Electronics & Design, Program Chair for the VLSI Test Symposium, and member of the Program and Organizing Committees of several IEEE and ACM conferences. He has served on the Editorial Board of the IEEE Transactions on CAD, ACM Transactions on Embedded Computing, IEEE Transactions on Mobile Computing, IEEE Transactions on VLSI, IEEE Design & Test of Computers, and the Journal of Low Power Electronics. Dr. Raghunathan received M.A. and Ph.D. degrees from