Research overview
Transcript

  • 1. Research Highlights and Agenda By Michael LeMay
  • 2. Objectives
      • Provide strong Trusted Computing Base (TCB) support for critical systems, including resource-constrained embedded systems
      • Strengthen the TCB by shrinking it and modifying the processor core to support it
      • Formally verify that it is secure in realistic operating conditions
  • 3. Outline (main research)
      • Critical infrastructure TCB requirements
      • TCB for 32-bit flash MCU
      • TCB for 8-bit flash MCU
      • Processor-supported TCB
  • 4. Critical infrastructure TCB requirements
      • The electric power grid relies on increasing numbers of embedded systems with remotely-upgradeable firmware.
          • Intelligent Electronic Devices (IEDs) in substations
          • Advanced electric meters in Advanced Metering Infrastructure (AMI)
      • Such systems potentially exhibit a variety of security and privacy vulnerabilities [LeMayGGG07-HICSS].
      • Remote attestation is desirable.
          • permits authorized entity to verify that systems are running known firmware, to detect malware
  • 5. TCB for 32-bit flash MCU
      • Flash MCU: MicroController Unit (MCU) with small built-in flash memory and RAM, suitable for use in advanced meters.
      • We implemented remote attestation for one using only on-chip computational resources to conserve energy and reduce costs [LeMayG09-ESORICS].
      • The remote attestation model is cumulative, meaning that all firmware revisions are recorded, not just the latest one.
      • We formally verified that our prototype satisfies important security and fault-tolerance properties using the Maude model-checker.
  • 6. TCB for 8-bit flash MCU
      • Some flash MCUs do not have sufficient resources to support remote attestation in a standalone configuration.
      • We are developing a remote attestation solution that is responsive to the special challenges posed by such MCUs.
  • 7. Processor-supported TCB
      • We are currently investigating ways to modify a processor to specifically support remote attestation software and reduce the overall size of the system’s TCB.
  • 8. Outline (other research)
      • Architectures for effective demand response
      • Opportunistic use of heterogeneous networks for emergency response
      • Power analysis for remote sensor node diagnosis
  • 9. Architectures for effective demand response
      • Demand response: A process whereby an electricity consumer receives information from an electricity provider at a relatively fast rate and modifies their demand in response.
      • We propose and demonstrate an architecture for automating this process in the presence of multiple loci of control [LeMayNGG08-HICSS].
      • Example: An in-home-display centrally dims lighting in response to rising electricity prices, and a smart clothing dryer decides independently to turn off its heating element.
  • 10. Opportunistic use of heterogeneous networks for emergency response
      • Common networks may become disconnected during disasters
      • We show how ad-hoc networking techniques can permit limited communication to occur over heterogeneous networks that happen to survive [LeMayMSThesis08].
      • We demonstrate our technique using IP and a resilient mesh protocol, ZigBee, which is similar to some AMI networks that will be widely-deployed and thus potentially useful in a disaster scenario.
  • 11. Power analysis for remote sensor node diagnosis
      • Sensors sometimes exhibit in-situ failures and are unable to communicate with the base station to indicate their status.
      • Some failures require immediate remedies to preserve critical sensor functionality, whereas others are solely communication-related.
      • We developed a parallel sensor network with independent radios to transmit and analyze power measurements from sensor nodes and thus distinguish between their failure modes to support appropriate responses [KhanLLMWYNAGHJ10-IPSN].
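
The cumulative attestation model on slide 5, sketched as an added example; this is a generic hash-chain illustration, not the design from [LeMayG09-ESORICS] or code from the slides. The `Device` and `verify` names, the shared HMAC key, and the firmware byte strings are assumptions constructed for the demonstration, and the chain value and key are assumed to live inside the TCB.

```python
import hashlib
import hmac

ZERO = bytes(32)  # chain value before any firmware has been recorded

def sha(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

class Device:
    """Hypothetical meter whose TCB folds every installed image into one chain."""
    def __init__(self, key: bytes):
        self._key, self.chain, self.log = key, ZERO, []

    def install(self, firmware: bytes) -> None:
        digest = sha(firmware)
        self.log.append(digest)               # untrusted event log, sent to verifier
        self.chain = sha(self.chain + digest) # cumulative value, never reset

    def quote(self, nonce: bytes):
        # Nonce binds the answer to this challenge so old quotes cannot be replayed.
        tag = hmac.new(self._key, nonce + self.chain, hashlib.sha256).digest()
        return list(self.log), tag

def verify(key, nonce, log, tag, approved) -> str:
    chain = ZERO
    for digest in log:                        # replay the reported history
        chain = sha(chain + digest)
    expected = hmac.new(key, nonce + chain, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        return "bad-quote"                    # log does not match the device's chain
    if any(d not in approved for d in log):
        return "unknown-revision"             # some past image was never approved
    return "ok"

def demo():
    key, nonce = b"constructed-shared-key", b"constructed-nonce-0001"
    v1, v2, bad = b"fw-1.0", b"fw-1.1", b"fw-tampered"  # constructed images
    approved = {sha(v1), sha(v2)}
    clean, dirty = Device(key), Device(key)
    for fw in (v1, v2):
        clean.install(fw)
    for fw in (v1, bad, v2):                  # tampered image later overwritten
        dirty.install(fw)
    log, tag = dirty.quote(nonce)
    return (verify(key, nonce, *clean.quote(nonce), approved),
            verify(key, nonce, log, tag, approved),
            verify(key, nonce, [log[0], log[2]], tag, approved))  # entry hidden

if __name__ == "__main__":
    print(demo())
```

Both devices end on the same approved image, yet only the one with a clean history verifies: reporting the full log exposes the unapproved revision, and omitting it breaks the chain check.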
