Research overview

1. Research Highlights and Agenda, by Michael LeMay
2. Objectives
   - Provide strong Trusted Computing Base (TCB) support for critical systems, including resource-constrained embedded systems
   - Strengthen the TCB by shrinking it and modifying the processor core to support it
   - Formally verify that it is secure in realistic operating conditions
3. Outline (main research)
   - Critical infrastructure TCB requirements
   - TCB for 32-bit flash MCU
   - TCB for 8-bit flash MCU
   - Processor-supported TCB
4. Critical infrastructure TCB requirements
   - The electric power grid relies on increasing numbers of embedded systems with remotely upgradeable firmware.
     - Intelligent Electronic Devices (IEDs) in substations
     - Advanced electric meters in Advanced Metering Infrastructure (AMI)
   - Such systems potentially exhibit a variety of security and privacy vulnerabilities [LeMayGGG07-HICSS].
   - Remote attestation is desirable.
     - It permits an authorized entity to verify that systems are running known firmware, in order to detect malware.
5. TCB for 32-bit flash MCU
   - Flash MCU: a MicroController Unit (MCU) with small built-in flash memory and RAM, suitable for use in advanced meters.
   - We implemented remote attestation for one using only on-chip computational resources, to conserve energy and reduce costs [LeMayG09-ESORICS].
   - The remote attestation model is cumulative, meaning that all firmware revisions are recorded, not just the latest one.
   - We formally verified that our prototype satisfies important security and fault-tolerance properties using the Maude model checker.
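Added example (not code from the slides or from the cited ESORICS paper): a toy Python model of the cumulative attestation idea, showing why recording every firmware revision matters. It assumes a symmetric key shared between the on-chip attestation kernel and the verifier, a hash chain as the cumulative measurement, and constructed firmware images; the actual design of the prototype is not reproduced here.

```python
import hashlib
import hmac

# Hypothetical key shared by the MCU's attestation kernel and the verifier
# (constructed for this example; how it is provisioned is out of scope here).
ATTEST_KEY = b"example-key-provisioned-at-manufacture"
INITIAL_CHAIN = b"\x00" * 32  # state before any firmware revision is recorded

def extend(chain: bytes, image: bytes) -> bytes:
    """Fold one firmware revision into the cumulative measurement chain."""
    return hashlib.sha256(chain + hashlib.sha256(image).digest()).digest()

class Attestor:
    """Toy model of the on-chip kernel: every installed revision extends the chain."""
    def __init__(self) -> None:
        self.chain = INITIAL_CHAIN
        self.current = b""
    def install(self, image: bytes) -> None:
        self.chain = extend(self.chain, image)
        self.current = image
    def attest(self, nonce: bytes) -> tuple[bytes, bytes]:
        # The MAC binds the chain to the verifier's fresh nonce to prevent replay.
        tag = hmac.new(ATTEST_KEY, nonce + self.chain, hashlib.sha256).digest()
        return self.chain, tag

def verify(nonce: bytes, chain: bytes, tag: bytes, authorized: list[bytes]) -> bool:
    """Accept only if the MAC is valid and the chain matches the authorized history."""
    expected_tag = hmac.new(ATTEST_KEY, nonce + chain, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected_tag):
        return False
    expected_chain = INITIAL_CHAIN
    for image in authorized:
        expected_chain = extend(expected_chain, image)
    return hmac.compare_digest(chain, expected_chain)

# Constructed sample firmware images: two authorized revisions and one that is not.
FW_V1, FW_V2, FW_ROGUE = b"meter-fw-1.0", b"meter-fw-1.1", b"meter-fw-rogue"
AUTHORIZED = [FW_V1, FW_V2]

def run(history: list[bytes]) -> tuple[bool, bool]:
    """Return (cumulative verdict, latest-only verdict) for a device that installed `history`."""
    dev = Attestor()
    for image in history:
        dev.install(image)
    nonce = b"nonce-0001"  # constructed; a real verifier draws this at random per query
    chain, tag = dev.attest(nonce)
    cumulative_ok = verify(nonce, chain, tag, AUTHORIZED)
    latest_ok = dev.current == FW_V2  # what a check of only the latest revision sees
    return cumulative_ok, latest_ok
```

A device that ran an unauthorized image between two authorized ones passes the latest-only check but fails the cumulative one, because the rogue revision remains folded into the chain.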
6. TCB for 8-bit flash MCU
   - Some flash MCUs do not have sufficient resources to support remote attestation in a standalone configuration.
   - We are developing a remote attestation solution that is responsive to the special challenges posed by such MCUs.
7. Processor-supported TCB
   - We are currently investigating ways to modify a processor to specifically support remote attestation software and reduce the overall size of the system's TCB.
8. Outline (other research)
   - Architectures for effective demand response
   - Opportunistic use of heterogeneous networks for emergency response
   - Power analysis for remote sensor node diagnosis
9. Architectures for effective demand response
   - Demand response: a process whereby an electricity consumer receives information from an electricity provider at a relatively fast rate and modifies their demand in response.
   - We propose and demonstrate an architecture for automating this process in the presence of multiple loci of control [LeMayNGG08-HICSS].
   - Example: an in-home display centrally dims lighting in response to rising electricity prices, and a smart clothes dryer decides independently to turn off its heating element.
10. Opportunistic use of heterogeneous networks for emergency response
   - Common networks may become disconnected during disasters.
   - We show how ad-hoc networking techniques can permit limited communication to occur over whichever heterogeneous networks happen to survive [LeMayMSThesis08].
   - We demonstrate our technique using IP and a resilient mesh protocol, ZigBee, which is similar to some AMI networks that will be widely deployed and thus potentially useful in a disaster scenario.
11. Power analysis for remote sensor node diagnosis
   - Sensors sometimes exhibit in-situ failures and are unable to communicate with the base station to indicate their status.
   - Some failures require immediate remedies to preserve critical sensor functionality, whereas others are solely communication-related.
   - We developed a parallel sensor network with independent radios to transmit and analyze power measurements from sensor nodes, and thus distinguish between their failure modes to support appropriate responses [KhanLLMWYNAGHJ10-IPSN].