
A Design Methodology for Secure Embedded Systems

English title A Design Methodology for Secure Embedded Systems
Applicant Lenstra Arjen K.
Number 119783
Funding scheme Project funding
Research institution Laboratoire de cryptologie algorithmique EPFL - IC - IIF - LACAL
Institution of higher education EPF Lausanne - EPFL
Main discipline Information Technology
Start/End 01.04.2008 - 31.03.2011
Approved amount 145'725.00

Keywords (6)

Embedded systems; Information Security; Design Methodology; Interdisciplinarity; Security; Design Methodologies

Lay Summary (English)

Lay summary
Computing devices will soon be available anywhere and anytime, thereby realizing the pervasive computing paradigm. They are ubiquitously used to sense, capture, store, process and transmit data of a very wide variety, including vital personal data. Embedded systems play an important role in this development. As a consequence, the security of embedded systems is an important problem. The increasing number of security breaches that occur in embedded systems underlines the importance of fundamental solutions. With stronger cryptographic primitives and security protocols, there has been a shift in attack strategies from exploiting mathematical weaknesses to easier and often neglected implementation vulnerabilities.

Current designers and design methodologies focus on the functionalities of an embedded system. Because security is not considered to be a functional specification, basic designs often lack any level of assurance of security. To address security requirements, current approaches mostly consist of the addition of features, such as specific cryptographic algorithms and security protocols. Since this is commonly done at the end of the design phase, and often only to a part of the system, solutions of this sort are comparable to the addition of patches to the system. Such patches cannot result in a complete solution and are usually not fully integrated into the whole system. Often, products have to be redesigned after a damaging security incident. This raises overall development costs and increases time-to-market.

But the lack of adequate integration of security solutions is just part of the problem. Not only should security be considered from the early stages of system design on, but an overall vision of the system's lifecycle should be taken into account to create a system that is properly engineered, for security and otherwise, for its intended purpose and usage context.

To achieve a system's security design goals, one cannot rely on the security expertise of the system's designer nor on that of its user. Instead, a design and development methodology should be used that takes into consideration all the challenges and security requirements of a system over its whole lifecycle. The aim of this project is to propose a step-by-step design and analysis method that, when followed by a system designer, results in an embedded system that meets the security requirements of the system in all its usage scenarios. Software engineers and system engineers have developed similar technologies in different contexts. New challenges are posed, however, by embedded systems and their information security requirements, which require us to take a new look at those technologies.
Last update: 21.02.2013

Responsible applicant and co-applicants