
Integrating Security Modeling in Embedded System Design

Integrating Security Modeling in Embedded System Design. Jan Werner, Matt Eby, Janos Mathe, Gabor Karsai, Yuan Xue, Janos Sztipanovits, Institute for Software Integrated Systems, Vanderbilt University. Goals: Extend model-based design flows with security modeling aspects


Presentation Transcript


  1. Integrating Security Modeling in Embedded System Design
     Jan Werner, Matt Eby, Janos Mathe, Gabor Karsai, Yuan Xue, Janos Sztipanovits
     Institute for Software Integrated Systems, Vanderbilt University

  2. Goals
     • Extend model-based design flows with security modeling aspects
     • Develop analysis methods for security properties
     • Perform architectural trade-offs using system/security metrics
     • Autogenerate implementation from models

  3. Integrated Co-design Environment
     [Diagram labels, in extraction order: Composition Platform Functional Models Component Models OS Security Services Access Control HW/SW Arch Componentized Model Partitioning Model Platform Model Secure Component Structure Model Deployment Model Generators]
     • Domain-specific Modeling Languages (AADL, Simulink/StateFlow, …)
     • Security modeling for different platforms
     • Model Analysis tools
     • Code Generators

  4. Testbed Configuration
     [Diagram labels: Plant Simulator; DAQ; Controller (three instances); Wireless Link; xPC; PCI-DDA08/12 data acquisition board; single board computer SBC4495 from Micro/Sys]
     • Different SW platforms:
       • Linux + GRSecurity
       • Others (LynxOS, VxWorks, ...)

  5. Reference Experiment
     1. Three tank control system model
     2. Code generation
     3. Deployment environment
     4. Network attack on controller
     [Diagram labels, in extraction order: Successful attack on component I/O Data flow Data Gateway Component Sensor Component Partition 1 Partition 2 Embedded system operating system Code Generation And Deployment F2 F1 Tank 3 Tank 1 Tank 2 On/Off Hi/Low H1 H2 H3 X1 X2]

  6. Future work
     • Modeling different security aspects: access control, security measures, confidentiality, data leakage, privacy, attack trees
     • Integrating security aspects in different domain-specific modeling languages
     • Creating toolchains for complex security analysis and system deployment
