Verifying Software Integrity in Embedded Systems: A Side Channel Approach. / Msgna, Mehari; Markantonakis, Konstantinos; Naccache, David; Mayes, Keith.

Constructive Side Channel Analysis and Secure Design: 5th International Workshop, COSADE 2014, Paris, France, April 13-15, 2014. Revised Selected Papers. Paris, France, 2014. p. 261-280 (Lecture Notes in Computer Science).

Research output: Chapter in Book/Report/Conference proceeding > Conference contribution

Published

Abstract

In the last few decades embedded processors have invaded the modern lifestyle. Embedded systems have hardware and software components. Assuring the integrity of the software is very important, as it is the component that controls what the hardware does through its instructions. Although a number of software integrity verification techniques exist, they often fail to work in embedded environments. One main reason is the memory read protection frequently implemented in today’s microprocessors, which prevents the verifier from reading out the necessary software parts. In this paper we show that side channel leakage (power consumption) can be used to verify the integrity of the software component without prior knowledge of the software code. Our approach uses instruction-level power consumption templates to extract information about the instructions executed by the processor. This information, together with pre-computed signatures, is then used to verify the integrity of the executed application using an RSA signature screening algorithm. The instruction-level templates are constructed ahead of time using a few authentic reference processors.
Original language: English
Title of host publication: Constructive Side Channel Analysis and Secure Design
Subtitle of host publication: 5th International Workshop, COSADE 2014, Paris, France, April 13-15, 2014. Revised Selected Papers
Place of Publication: Paris, France
Pages: 261-280
Number of pages: 19
State: Published - 13 Apr 2014

Publication series

Name: Lecture Notes in Computer Science
Publisher: Springer
This open access research output is licenced under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Unported License.

ID: 22963837