The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Security is a major issue nowadays for the embedded systems community. Untrustworthy authorities may use a wide range of attacks in order to retrieve critical information. This paper introduces ARMHEx, a practical solution targeting DIFT (Dynamic Information Flow Tracking) on ARM-based SoCs (e.g. Xilinx Zynq). Current DIFT implementations suffer from two major drawbacks. First, recovering required...
A brief review of Protected Execution Mode (PEM) for user-space applications featured in Elbrus architecture is described first. Then, AddressSanitizer, a well-known utility by Google Inc, is considered as an example of a pure software technique of memory control. Comparative analysis of these solutions is given with performance flaws, applicability and boundary violation detection quality.
To access sensitive information, some recent advanced attacks have been successful in exploiting implicit flows in a program in which sensitive data affects the control path and in turn affects other data. To track the sensitive data through implicit flows, several software and hardware based approaches have been proposed, but they suffer from the non-negligible performance overhead. In this paper,...
This paper proposes a method which utilizing taint analysis to reduce the unnecessary analysis routine, concentrating on the control-flow altering input using concolic (concrete and symbolic) execution procedure. A prototype, Concolic Fuzz is implemented based on this method, which is built on Pin platform at x86 binary level and using Z3 as the SMT (Satisfiability Modulo Theories) solver. The results...
With the rapid development of computer science and Internet technology, software security issues have become one of the main threats to information system. The technique of execution path tracking based on control flow integrity is an effective method to improve software security. However, the dynamic tracking method may incur considerable performance overhead. To address this problem, this paper...
The prevalent use of systems-on-chip (SoCs) makes them prime targets for software attacks. Proposed security countermeasures monitor software execution in real-time, but are impractical, and require impractical changes to the internal logic of intellectual property (IP) cores. We leverage the software observability provided by the readily available SoC debug architecture to detect attacks without...
Dynamic taint analysis technique plays an important role in tracking the input data's trace in an executing program, and it has been widely used in program analysis method, such as information-flow analysis and dynamic slicing. However, most of the tools implementing dynamic taint analysis only consider the data dependence propagation and neglect the control dependence. In this paper, we presents...
Hardware errors are becoming more prominent with reducing feature sizes, however tolerating them exclusively in hardware is expensive. Researchers have explored software-based techniques for building error resilient applications for hardware faults. However, software based error resilience techniques need configurable and accurate fault injection techniques to evaluate their effectiveness. In this...
MPX implements hardware accelerated support for detection and prevention of memory corruption. This paper will examine the effectiveness of MPX. Herein we attempt to find false positives and false negatives, and to determine what attacks may still be feasible. In particular we wish to see if a system protected by MPX is still exploitable. Intel MPX appears to provide a solid mitigation technique,...
Software exception analysis can not only improve software stability before putting into commercial, but also could optimize the priority of patch updates subsequently. We propose a more practical software exception analysis approach based on taint analysis, from the view that whether an exception of the software can be exploited by an attacker. It first identifies the type of exceptions, then do taint...
To meet needs of Space instruments for gyro system miniaturization, we design a 3-axis digital gyro signal acquisition system, based on L3G4200D. C8051F040 micro controller acts as the core controller in this system. The micro controller reads the MEMS gyroscope data through the I2C bus, and then passes the data through the RS232 bus to the host computer for processing. Finally, this paper analyzed...
Instrumentation is an important part in the industrial automation domain as it is fundamentally required for process control loops. Virtual Prototyping (VP) as prime technology is considered as a novel approach to aid in the development Industrial Instruments. However, using state-of-the-art VP technologies requires a high degree of expertise, thereby limiting its usability among multi-disciplinary...
Failures caused by electrostatic discharge (ESD) compromise the reliability of embedded systems. Peripherals such as the universal serial bus (USB) are particularly vulnerable, as isolating them to avoid electromagnetic interference would defy their purpose - facilitating communication with and/or by the embedded system. Better understanding the propagation of failures that result from ESD would facilitate...
Based on information security technology of speculation implementation hardware, we design and implement the SHIFT(Speculative Hardware based Information Flow Tracking) system to enhance software security in cloud computing platform. SHIFT system uses that processor support delay exceptions, design and implement efficient dynamic information flow tracking technology. The system can detect low-level...
Proteus is a kind of powerful EDA simulation software. The large device library and the dynamic peripherals are the special advantage of this software. The virtual instrument brings great convenience to the simulation process Applied Proteus software in MCU teaching, the cost is reduced and the effect is improved. This paper introduces Proteus software application and practice method in theoretical...
In order to enhance the ability of engineering practice of test related speciality in military academy, a test system networked teaching platform based on .Net is proposed in this paper. It expatiates the platform's physical framework, hardware component, the realization of network, the software flow of C/S mode and the final application. By using in the experimental course and the campus net, it...
ADS1255 is low-power-dissipation,high-resolution, 24-bit, and Δ-Σ analog-to-digital converter, provided by TI, which integrate input multiplexer, input buffer, programmable gain amplifier and programmable digital filter. Gyroscope, also known as Angular rate sensor, is a detector of angular movement, using that the High-speed rotary's moment of momentum is rthogonal to the axis of rotation. It turns...
This paper describes an anti-tamper JTAG Tap design which uses SHA256 secure hash and a true random number generator (TRNG) to create a low gate overhead challenge/response based access system for IC test and on-chip internals. The system may be used to enable 1149.1 TAP instructions or may control access to an IEEE P1687 on-chip instrument. The TAP owner (manufacturer of the IC) may then use DRM...
This paper investigates sources of uncertainty in measurement results obtained using three different fault injection techniques. Two software-implemented and one test port-based technique are characterized and compared. The three techniques can be used to inject the same faults, which are defined in a shared database. Due to the uncertainties associated with the techniques, which we identify and discuss,...
Error injection is a well accepted method to evaluate hardware error detection mechanisms. An error detection mechanism is effective if it considerably reduces the amount of silently corrupted output of protected applications compared to unprotected applications. For a good representativeness of the error injection, the error model used has to mirror real world errors as accurately as possible. We...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.