138,154 research outputs found

    Aplikasi Panic Buton Untuk Keamanan Warga Berbasis Android

    Get PDF
    Citizens highly expect environmental security, but criminality is inevitable. The level of crime in the community brings unrest and discomfort, so a security system is needed that is connected with the officers concerned. This study aims to build a security system application connected to environmental security officers. This system can help the public provide reports quickly through the panic button application embedded in Android. System development using the spiral model method. A spiral model is an evolutionary software process model assembling the interactive nature of the prototype using control and systematic aspects of a linear sequential model. Meanwhile, the system design stage uses the Unified Modeling Language (UML). The application is in Android Studio for the design stage, a unique Integrated Development Environment (IDE) that runs on the Android platform. The panic button application is a security system designed to assist the public in providing reports and make it easier for security officers to follow up on the messages given. Accelerate the follow-up process of crimes because it is based on Android.Citizens highly expect environmental security, but criminality is inevitable. The level of crime in the community brings unrest and discomfort, so a security system is needed that is connected with the officers concerned. This study aims to build a security system application connected to environmental security officers. This system can help the public provide reports quickly through the panic button application embedded in Android. System development using the spiral model method. A spiral model is an evolutionary software process model assembling the interactive nature of the prototype using control and systematic aspects of a linear sequential model. Meanwhile, the system design stage uses the Unified Modeling Language (UML). The application is in Android Studio for the design stage, a unique Integrated Development Environment (IDE) that runs on the Android platform. The panic button application is a security system designed to assist the public in providing reports and make it easier for security officers to follow up on the messages given. Accelerate the follow-up process of crimes because it is based on Android

    Interplay of Security&Dependability and Resource using Model-driven and Pattern-based Development

    Get PDF
    International audienceSeveral frameworks have been proposed to help designers of embedded system applications. However, we currently lack methodological tool support to take into account the interplay between security&;dependability and resource properties. In this work, we propose a modeling environment which associates model-driven paradigms with security and dependability patterns to ensure that the combination of security and dependability solutions fit on the targeted hardware platform. The resulted framework will serve as a tool to estimate the resources consumed by the security and dependability solutions at early stages of design to help the designer to avoid resource conflicts at run-time. In addition, we provide an architecture for development tools to support the design and the analysis of pattern-based secure and dependable applications. Finally, we apply it in practice to a use case from railway domain with strong security and dependability requirements

    SECURE AND LIGHTWEIGHT HARDWARE AUTHENTICATION USING ISOLATED PHYSICAL UNCLONABLE FUNCTION

    Get PDF
    As embedded computers become ubiquitous, mobile and more integrated in connectivity, user dependence on integrated circuits (ICs) increases massively for handling security sensitive tasks as well as processing sensitive information. During this process, hardware authentication is important to prevent unauthorized users or devices from gaining access to secret information. An effective method for hardware authentication is by using physical unclonable function (PUF), which is a hardware design that leverages intrinsic unique physical characteristics of an IC, such as propagation delay, for security authentication in real time. However, PUF is vulnerable to modeling attacks, as one can design an algorithm to imitate PUF functionality at the software level given a sufficient set of challenge-response pairs (CRPs). To address the problem, we employ hardware isolation primitives (e.g., ARM TrustZone) to protect PUF. The key idea is to physically isolate the system resources that handle security-sensitive information from the regular ones. This technique can be implemented by isolating and strictly controlling any connection between the secure and normal resources. We design and implement a ring oscillator (RO)-based PUF with hardware isolation protection using ARM TrustZone. Our PUF design heavily limits the number of CRPs a potential attacker has access to. Therefore, the modeling attack cannot be performed accurately enough to guess the response of the PUF to a challenge. Furthermore, we develop and demonstrate a brand new application for the designed PUF, namely multimedia authentication, which is an integral part of multimedia signal processing in many real-time and security sensitive applications. We show that the PUF-based hardware security approach is capable of accomplishing the authentication for both the hardware device and the multimedia stream while introducing minimum overhead. Finally, we evaluate the hardware-isolated PUF design using a prototype implementation on a Xilinx system on chip (SoC). Particularly, we conduct functional evaluation (i.e., randomness, uniqueness, and correctness), security analysis against modeling attacks, as well as performance and overhead evaluation (i.e., response time and resource usages). Our experimental results on the real hardware demonstrate the high security and low overhead of the PUF in real time authentication. Advisor: Sheng We

    SECURE AND LIGHTWEIGHT HARDWARE AUTHENTICATION USING ISOLATED PHYSICAL UNCLONABLE FUNCTION

    Get PDF
    As embedded computers become ubiquitous, mobile and more integrated in connectivity, user dependence on integrated circuits (ICs) increases massively for handling security sensitive tasks as well as processing sensitive information. During this process, hardware authentication is important to prevent unauthorized users or devices from gaining access to secret information. An effective method for hardware authentication is by using physical unclonable function (PUF), which is a hardware design that leverages intrinsic unique physical characteristics of an IC, such as propagation delay, for security authentication in real time. However, PUF is vulnerable to modeling attacks, as one can design an algorithm to imitate PUF functionality at the software level given a sufficient set of challenge-response pairs (CRPs). To address the problem, we employ hardware isolation primitives (e.g., ARM TrustZone) to protect PUF. The key idea is to physically isolate the system resources that handle security-sensitive information from the regular ones. This technique can be implemented by isolating and strictly controlling any connection between the secure and normal resources. We design and implement a ring oscillator (RO)-based PUF with hardware isolation protection using ARM TrustZone. Our PUF design heavily limits the number of CRPs a potential attacker has access to. Therefore, the modeling attack cannot be performed accurately enough to guess the response of the PUF to a challenge. Furthermore, we develop and demonstrate a brand new application for the designed PUF, namely multimedia authentication, which is an integral part of multimedia signal processing in many real-time and security sensitive applications. We show that the PUF-based hardware security approach is capable of accomplishing the authentication for both the hardware device and the multimedia stream while introducing minimum overhead. Finally, we evaluate the hardware-isolated PUF design using a prototype implementation on a Xilinx system on chip (SoC). Particularly, we conduct functional evaluation (i.e., randomness, uniqueness, and correctness), security analysis against modeling attacks, as well as performance and overhead evaluation (i.e., response time and resource usages). Our experimental results on the real hardware demonstrate the high security and low overhead of the PUF in real time authentication. Advisor: Sheng We

    Analysis as first-class citizens – an application to Architecture Description Languages

    Get PDF
    Architecture Description Languages (ADLs) support modeling and analysis of systems through models transformation and exploration. Various contributions made proposals to bring verification capabilities to designers through model-based frame- works and illustrated benefits to the overall system quality. Model-level analyses are usually performed as an exogenous, unidirectional and semantically weak transformation towards a third-party model. We claim such process can be incomplete and/or inefficient because gathered results lead to evolution of the primary model. This is particularly problematic for the design of Distributed Real-Time Embedded (DRE) systems that has to tackle many concerns like time, security or safety. In this paper, we argue why analysis should no longer be considered as a side step in the design process but, rather, should be embedded as a first-class citizen in the model itself. We review several standardized architecture description languages, which consider analysis as a goal. As an element of solution, we introduce current work on the definition of a language dedicated to the analysis of models within the scope of one particular ADL, namely the Architecture Analysis and Design Language (AADL)

    Towards the Model-Driven Engineering of Secure yet Safe Embedded Systems

    Full text link
    We introduce SysML-Sec, a SysML-based Model-Driven Engineering environment aimed at fostering the collaboration between system designers and security experts at all methodological stages of the development of an embedded system. A central issue in the design of an embedded system is the definition of the hardware/software partitioning of the architecture of the system, which should take place as early as possible. SysML-Sec aims to extend the relevance of this analysis through the integration of security requirements and threats. In particular, we propose an agile methodology whose aim is to assess early on the impact of the security requirements and of the security mechanisms designed to satisfy them over the safety of the system. Security concerns are captured in a component-centric manner through existing SysML diagrams with only minimal extensions. After the requirements captured are derived into security and cryptographic mechanisms, security properties can be formally verified over this design. To perform the latter, model transformation techniques are implemented in the SysML-Sec toolchain in order to derive a ProVerif specification from the SysML models. An automotive firmware flashing procedure serves as a guiding example throughout our presentation.Comment: In Proceedings GraMSec 2014, arXiv:1404.163
    • …
    corecore