Configuration-Based Approach to Embedded Device Security

  • Vasily Desnitsky
  • Igor Kotenko
  • Andrey Chechulin
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7531)


Development of embedded devices is a challenging task because of their varying, reactive and real-time nature. Conventionally embedded devices are considered as a part of systems owned by some other entities and operated in a potentially hostile environment. Embedded device development is an extremely complicated problem due to various types of threats and attacks the device subject to, and because the security in embedded devices is commonly provided as an additional feature at the final stages of the development process, or even neglected. In this paper we propose a new configuration model, which facilitates the design of secure and resource consumption efficient embedded devices. The model enables the search for the most effective combinations of security building blocks in terms of consumption of device resources.


embedded system security security modeling security building blocks configuration resource efficiency non-functional property 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Abraham, D.G., Dolan, G.M., Double, G.P., Stevens, J.V.: Transaction security system. IBM Systems Journal 30(2), 206–228 (1991)CrossRefGoogle Scholar
  2. 2.
    Gogniat, G., Wolf, T., Burleson, W.: Reconfigurable Security Primitive for Embedded Systems. In: Proceedings of International Symposium on In System-on-Chip, pp. 23–28 (2005)Google Scholar
  3. 3.
    Grand, J.: Practical Secure Hardware Design for Embedded Systems. In: Proceedings of the 2004 Embedded Systems Conference, San Francisco, California (2004)Google Scholar
  4. 4.
    Gu, L., Ding, X., Deng, R.H., Xie, B., Mei, H.: Remote attestation on program execution. In: Proceedings of the 3rd ACM Workshop on Scalable Trusted Computing (STC 2008). ACM, New York (2008)Google Scholar
  5. 5.
    Kocher, P., Lee, R., Mcgraw, G., Ravi, S.: Security as a new dimension in embedded system design. In: Proceedings of the 41st Design Automation Conference (DAC 2004), San Diego, CA (2004)Google Scholar
  6. 6.
    Kommerling, O., Kuhn, M.G.: Design principles for tamper-resistant smartcard processors. In: Proceedings of the USENIX Workshop on Smartcard Technology, Chicago, pp. 9–20 (1999)Google Scholar
  7. 7.
    Koopman, P.: Embedded System Security. IEEE Computer (2004)Google Scholar
  8. 8.
    Kuntze, N., Rudolph, C.: Secure Digital Chains of Evidence. In: Proceedings of 2011 IEEE Sixth International Workshop on Systematic Approaches to Digital Forensic Engineering, SADFE 2011, Oakland, CA, USA (2011)Google Scholar
  9. 9.
    Lee, G.M., Kim, J.Y.: The Internet of Things – A problem statement. In: 2010 International Conference on Information and Communication Technology Convergence (ICTC), pp. 517–518 (2010)Google Scholar
  10. 10.
    Rae, A.J., Wildman, L.P.: A Taxonomy of Attacks on Secure Devices. In: Australian Information Warfare and IT Security, Australia, pp. 251–264 (2003)Google Scholar
  11. 11.
    Raghunathan, A., Ravi, S., Hattangady, S., Quisquater, J.: Securing Mobile Appliances: New Challenges for the System Designer. In: Proceedings of DATE 2003, pp. 3–7 (2003)Google Scholar
  12. 12.
    Ravi, S., Raghunathan, A., Kocher, P., Hattangady, S.: Security in Embedded Systems: Design Challenges. ACM Transactions on Embedded Computing Systems 3(3), 461–491 (2004)CrossRefGoogle Scholar
  13. 13.
    Ruiz, J.F., Harjani, R., Maña, A., Desnitsky, V., Kotenko, I., Chechulin, A.: A Methodology for the Analysis and Modeling of Security Threats and Attacks for Systems of Embedded Components. In: The 20th Euromicro International Conference on Parallel, Distributed and Network-Based Computing (PDP 2012), Munich, Germany (2012)Google Scholar
  14. 14.
    Object Management Group: The UML Profile for MARTE: Modeling and Analysis of Real-Time and Embedded Systems. Version 1.1 (2011),

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Vasily Desnitsky
    • 1
  • Igor Kotenko
    • 1
  • Andrey Chechulin
    • 1
  1. 1.St. Petersburg Institute for Informatics and Automation (SPIIRAS)St. PetersburgRussia

Personalised recommendations