268 research outputs found

    MCU intrinsic group features for component authentication

    We provide a solution for the authentication of a component, accessory, smart card or tag by a main device via challenge-response tests of two MCU intrinsic features: progression in the execution of test programs (measured in processor clocks) and peripheral feedback to internal stimulation. The main device will be called the challenger and the other device the responder. Our solution requires that the authentic responders are characterized by a dedicated MCU model and a common responder ID in read-only MCU registers. Its main application is the detection/lock-out of counterfeit batteries, cartridges, sensors, or control units. The solution is also suitable as a redundant authentication factor in high-security applications, such as payment or conditional access.

    Enable Reliable and Secure Data Transmission in Resource-Constrained Emerging Networks

    The increasing deployment of wireless devices has connected humans and objects all around the world, benefiting our daily life and the entire society in many aspects. Achieving this connectivity motivates the emergence of different types of paradigms, such as cellular networks, large-scale Internet of Things (IoT), cognitive networks, etc. Among these networks, enabling reliable and secure data transmission requires various resources including spectrum, energy, and computational capability. However, these resources are usually limited in many scenarios, especially when the number of devices is considerably large, bringing catastrophic consequences to data transmission. For example, given the fact that most IoT devices have limited computational abilities and inadequate security protocols, data transmission is vulnerable to various attacks such as eavesdropping and replay attacks, which traditional security approaches are unable to address. On the other hand, in the cellular network, the ever-increasing data traffic has exacerbated the depletion of spectrum along with the energy consumption. As a result, mobile users experience significant congestion and delays when they request data from the cellular service provider, especially in many crowded areas. In this dissertation, we target reliable and secure data transmission in resource-constrained emerging networks. The first two works investigate new security challenges in the current heterogeneous IoT environment, and then provide certain countermeasures for reliable data communication. To be specific, we identify a new physical-layer attack, the signal emulation attack, in the heterogeneous environment, such as smart home IoT. To defend against the attack, we propose two defense strategies with the help of a commonly found wireless device.
In addition, to enable secure data transmission in large-scale IoT networks, e.g., the industrial IoT, we apply amplify-and-forward cooperative communication to increase the secrecy capacity by incentivizing relay IoT devices. Besides security concerns in IoT networks, we seek data traffic alleviation approaches to achieve reliable and energy-efficient data transmission for a group of users in the cellular network. The concept of mobile participation is introduced to assist data offloading from the base station to users in the group by leveraging the mobility of users and the social features among a group of users. Following that, we deploy device-to-device data offloading within the group to achieve energy efficiency at the user side while adapting to their increasing traffic demands. In the end, we consider a perpendicular topic - dynamic spectrum access (DSA) - to alleviate the spectrum scarcity issue in cognitive radio networks, where the spectrum resource is limited to users. Specifically, we focus on the security concerns and further propose two physical-layer schemes to prevent spectrum misuse in DSA in both additive white Gaussian noise and fading environments.

    Lightweight Protocols and Applications for Memory-Based Intrinsic Physically Unclonable Functions on Commercial Off-The-Shelve Devices

    We are currently living in an era in which, through the ever-increasing dissemination of inter-connected embedded devices, the Internet-of-Things manifests. Although such end-point devices are commonly labeled as "smart gadgets" and hence suggest that they implement some sort of intelligence, from a cyber-security point of view, more often than not the opposite holds. The market force in the branch of commercial embedded devices leads to minimizing production costs and time-to-market. This widespread trend has a direct, disastrous impact on the security properties of such devices. The majority of currently used devices, or those that will be produced in the future, implement no or insufficient security mechanisms. Foremost, the lack of secure hardware components often mitigates the application of secure protocols and applications. This work is dedicated to a fundamental solution that allows commercial off-the-shelf devices, which are otherwise exposed to various attacks due to the lack of secure hardware components, to be secured retroactively. In particular, we leverage the concept of Physically Unclonable Functions (PUFs) to create hardware-based security anchors in standard hardware components. For this purpose, we exploit manufacturing variations in Static Random-Access Memory (SRAM) and Dynamic Random-Access Memory modules to extract intrinsic memory-based PUF instances and, building on that, to develop secure and lightweight protocols and applications. For this purpose, we empirically evaluate selected and representative device types with respect to their PUF characteristics. In a further step, we use those device types which qualify due to the existence of desired PUF instances for the subsequent development of security applications and protocols. Subsequently, we present various software-based security solutions which are specially tailored to the characteristic properties of embedded devices.
More precisely, the proposed solutions comprise a secure boot architecture as well as an approach to protect the integrity of the firmware by binding it to the underlying hardware. Furthermore, we present a lightweight authentication protocol which leverages a novel DRAM-based PUF type. Finally, we propose a protocol which allows the software state of remote embedded devices to be securely verified.

    Using secure microcontrollers in IoT applications

    Security is a major topic that IoT is facing. Rising awareness from the customer side and upcoming regulations will force manufacturers to increase the level of security on their IoT devices. Particularly, it is a challenge to bring the elaborate, well-known computer security algorithms to resource-constrained IoT devices. For the Cortex-A processors, Arm® introduced its security extension TrustZone® quite a while ago. With the new generation of secure microcontrollers, Arm® TrustZone® is now available for battery-powered IoT devices. Furthermore, these secure microcontrollers provide additional security features, such as hardware accelerators for cryptographic operations, secure key storage, and sophisticated random number generators, thereby increasing security on resource-constrained IoT devices. The paper introduces the concept of these new secure microcontrollers and provides an overview of their features by showing an application example that covers the topics of secure boot and the usage of TrustZone®. Furthermore, the paper presents energy measurements of the implemented example, comparing them to the execution on conventional microcontrollers without TrustZone®. Finally, the paper summarizes advantages and weaknesses of secure microcontrollers compared to dedicated off-chip solutions like secure elements.

    Embedded electronic systems driven by run-time reconfigurable hardware

    Abstract: This doctoral thesis addresses the design of embedded electronic systems based on run-time reconfigurable hardware technology –available through SRAM-based FPGA/SoC devices– aimed at contributing to enhancing the quality of life of human beings. This work researches the conception of the system architecture and the reconfiguration engine that provides the FPGA with the capability of dynamic partial reconfiguration in order to synthesize, by means of hardware/software co-design, a given application partitioned into processing tasks which are multiplexed in time and space, thus optimizing its physical implementation –silicon area, processing time, complexity, flexibility, functional density, cost and power consumption– in comparison with other alternatives based on static hardware (MCU, DSP, GPU, ASSP, ASIC, etc.). The design flow of such technology is evaluated through the prototyping of several engineering applications (control systems, mathematical coprocessors, complex image processors, etc.), showing a high enough level of maturity for its exploitation in the industry.

    Embedded platform for ECG biometric recognition

    Final Master's project submitted for the degree of Master in Electronics and Telecommunications Engineering. Many of a person's daily tasks require processes that validate the user's identity. Identification cards, military identification tags, passwords and codes are the most common strategies in the field of user validation and identification. Despite the wide use of such mechanisms, entity-based or knowledge-based means of authentication raise serious security problems regarding the risk of fraud and identity theft. The use of physical or behavioural characteristics of living beings as a way of uniquely identifying them is the subject of biometrics [bio (life) + metrics (measurement)]. The main advantage of these systems is their complete dependence on the individual, with no reliance on objects or on memorising codes, as occurs in traditional strategies. This leads to greater use of biometric systems in order to make credentials harder to forge, since this is the main flaw of traditional personal recognition systems. For example, a photo can impersonate a face, the iris of the eye can be faked with contact lenses, and even a fingerprint can be replaced by a gel finger. This work proposes a biometric recognition system based on electrocardiographic (ECG) signals. The potential differences can be obtained by placing electrodes on the surface of the body and measuring the voltage between them. The ECG signal acquisition system in this work consists of two electrodes, one placed on each of the user's upper limbs, preferably on the hands, for more comfortable acquisition. In order to make this solution mobile and easily transportable to any location, an autonomous embedded system is proposed for human authentication based on each individual's ECG.
Normally, ECG-based systems use hardware capable of acquiring the signal and a microcontroller to send the signals to a computer, where the data is processed. As an alternative, the goal of this work is to design a prototype capable of acquiring and processing the ECG signal of different individuals and, through a pattern extraction and classification algorithm, authenticating or identifying the people in question. This prototype will be based on an embedded system capable of authenticating or identifying individuals in real time without resorting to a personal computer or any external processing platform. The problem of human recognition based on biometrics is typically divided into several phases (regardless of the type of biometric) that are typical of a pattern recognition system: • Acquisition of the biometric signal by sensors; • Pre-processing of the signal according to the adopted system; • Extraction of the features needed for recognition; • Selection of the subject's most discriminative features; • Classification of the chosen features and decision on their match in the database. In this approach, the acquired ECG signal is segmented by heartbeat, using the R peak (R complex, included in the QRS complex, the names given to the characteristic waves that make up the ECG) as the search point for segmentation. Two segmentation algorithms are studied, Hamilton and Slope Sum Function (SSF), with SSF being the solution implemented in the embedded system because of its real-time execution properties. Another particularity of the SSF implementation is that this algorithm was developed to detect arterial blood pressure pulses and is adapted here to detect the R complex of the ECG signal. Feature extraction from the segmented ECG signal is based on analysis of the signal in the frequency domain and follows an algorithm proposed by Odinaka.
Each heartbeat is analysed in sections obtained by segmenting the signal into several overlapping windows. The Fourier transform of each segmented window is computed (normally a Hamming window is used for a better estimate) and a Gaussian distribution (characterised by a mean and standard deviation) is estimated for each frequency interval that characterises the typical heartbeat under analysis. Subsequently, for training, the Gaussian distribution is estimated for the windows extracted from each segment and its mean across all segments is computed. These are the features stored in the database for future comparison with new acquisitions in order to recognise the heartbeats. At each new acquisition, the user's authenticity is confirmed and the database values are updated with the newly acquired ones through a weighted average. With this method it is possible to work around the temporal effect on ECG signals. It is common knowledge that as an individual ages, their physiological signals undergo small changes, and the ECG is no exception. For the Fourier transform, the size of the array was increased to raise the resolution at low frequencies, where the information required for personal recognition predominates. In this work, the system was implemented to guarantee real-time execution. ECG signal samples cannot be lost, and the authentication process has to be carried out very efficiently in order to allow real-time operation. This requires choosing hardware capable of achieving this goal. The possibility of using a microprocessor was discarded because of its low versatility and high development cost. ASIC and FPGA systems were also discarded because of their high development and acquisition costs. A development system based on a microcontroller (MCU) with ARM Cortex 4 architecture was therefore chosen.
The chosen MCU, STM32F4-Discovery, offers great versatility, low power consumption (100mA), high processing speed (168MHz), an integrated DSP and a floating-point unit. Internal non-volatile memory is also required in order to retain each individual's training features. The system is designed to be autonomous, non-intrusive and easy to use in different scenarios. This is achieved by combining the easy use of only two electrodes, one on each upper limb, with a battery-powered embedded system with real-time processing and the ability to display results. The system was validated in two phases. First, the algorithms were validated using a database already tested in previous studies, and it was shown that the system has an identification rate of 89% and a 10% error rate in authentication. Finally, new acquisitions were carried out which confirmed the efficiency of the system. With 11 subjects in the database, the system has an identification rate of 100% and an authentication error rate of 9.3%. Using the properties of ECG signals, this system becomes a reliable, effective and efficient platform. Human heart problems, such as arrhythmias, are a problem that lowers the performance of the system. The system built is a proof of concept that illustrates how embedded systems can change the world of authentication systems, since they provide security and very easy use for the whole population. Abstract: Traditional strategies for authentication are either entity-based or knowledge-based, like PIN numbers, passwords and ID cards. This raises serious security problems concerning the risk of identity theft, as these mechanisms are widely spread. They are a part of many daily tasks and they are dependent on objects or memories.
This work prompts to change these mechanisms for a secure and ubiquitous biometric reckoning system based on the electrocardiographic (ECG) signal. It includes the study of all the steps required for the development of a biometric system, namely: acquisition, processing and classification. In the acquisition, the ECG signal is obtained from two electrodes placed at each limb and fed to an electronic device that filters and amplifies the raw signal so that it can be converted to digital in the microcontroller, using the internal Analogue-to-Digital Converter. In the processing phase, the signal is digitally filtered and segmented into heartbeats. Features are selected and extracted using one algorithm created by Odinaka and herein modified to increase performance in low bandwidth ECG signals. In classification, extracted features are compared, using the nearest neighbour algorithm, with data stored in the database in order to classify each heartbeat. The work develops and implements a working prototype based on an embedded system (ARM-based Cortex4 32 bit RISC STM32F407VGT6). Acquisition modules, processing units and algorithms are studied and developed on a prototype for a mobile identification and authentication system based on the ECG. The lack of mobile real-time reckoning systems makes this thesis a challenging and self-motivated work. Unique, continuous acquisition and non-intrusive are the main characteristics of the ECG signals. These properties make an ECG-based reckoning system a reliable and effective platform. Preliminary evaluation showed a 100% identification rate and a 9.3% equal error rate at the authentication procedure. These results came from an acquired database of 11 subjects, with test and train sequences acquired in different procedures. Human heart problems, like arrhythmias, are a challenging problem that drops the reckoning performance of the system.
This kind of embedded solution can change the world of authentication systems in order to provide security and be easy to use for the general population.

    Assembly Level Clock Glitch Insertion Into An XMega MCU

    This thesis proposes a clock-glitch fault injection technique to inject glitches into the clock signal running in a microcontroller unit and study its effects on different assembly-level instructions. It focusses mainly on the effect of clock glitches on the execution, sub-execution and pre-execution cycles of the test instructions, and also finds the delay between the actual position of glitch insertion and the trigger being set for the glitch insertion. The instructions used in this work are provided by Atmel, which classifies them according to their type of operation. These instructions are here further grouped depending on the number of clock cycles they require for their execution. Each group of instructions is tested for its behavior towards clock glitches being injected at different places in and surrounding its execution cycle. This thesis utilizes the ChipWhisperer-Lite board (CW1173) for performing the whole experiment by controlling the target device and providing the clock as well as clock glitches with appropriate properties at appropriate positions to the target device. The Atmel AVR XMEGA 128D4U is used as the target device (CW303), which uses an external clock of frequency 7.37MHz generated by the main board. The Capture software, provided by the ChipWhisperer, is used for establishing the hardware connection between the main board and the target board. The clock glitches are designed and triggered through the Capture software.

    Performance Improvement of Wide-Area-Monitoring-System (WAMS) and Applications Development

    Wide area monitoring system (WAMS), as an application of situation awareness, provides essential information for power system monitoring, planning, operation, and control. To fully utilize WAMS in the smart grid, it is important to investigate and improve its performance, and to develop advanced applications based on the data from WAMS. In this dissertation, the work on improving the WAMS performance and developing advanced applications is introduced. To improve the performance of WAMS, the work includes investigation of the impacts of measurement error and the requirements of systems based on WAMS, and the solutions. The PMU is one of the main sensors for WAMS. The phasor and frequency estimation algorithms implemented highly influence the performance of PMUs, and therefore the WAMS. The algorithms of PMUs are reviewed in Chapter 2. To understand how the errors impact WAMS applications, different applications are investigated in Chapter 3, and their accuracy requirements are given. In Chapter 4, the error model of PMUs is developed, regarding different parameters of input signals and PMU operation conditions. The factors influencing the accuracy of PMUs are analyzed in Chapter 5, including both internal and external error sources. Specifically, the impacts of increased renewables are analyzed. Based on the analysis above, a novel PMU is developed in Chapter 6, including algorithm and realization. This PMU is able to provide highly accurate and fast-responding measurements during both steady and dynamic states. It has the potential to improve the performance of WAMS. To improve the interoperability, the C37.118.2 based data communication protocol is curtailed and realized for single-phase distribution-level PMUs, which is presented in Chapter 7. WAMS-based applications are developed and introduced in Chapters 8-10.
The first application is to use the spatial and temporal characterization of power system frequency for data authentication, location estimation and the detection of cyber-attacks. The second application is to detect GPS attacks on the synchronized time interval. The third application is to detect the geomagnetically induced currents (GIC) resulting from GMD and EMP-E3. These applications, benefiting from the novel PMU proposed in Chapter 6, can be used to enhance the security and robustness of the power system.