7 research outputs found

    Models, algorithms and methodology for design of microcontroller-based physical security systems protected from cyber-physical attacks

    One possible way to ensure the security of microcontroller-based systems is to apply a security-by-design approach. Unfortunately, existing approaches are not without drawbacks, which is why this thesis aims to develop a new one. Moreover, among all possible systems, only physical security systems were chosen as the application area in this work. The main results of the work are original models, algorithms, a methodology and a software implementation. Their correctness was checked on a system of mobile robots for perimeter monitoring. The evaluation of the developed solution showed that it satisfies all requirements while having advantages over commercial and scientific analogues, which means that the goal of this work was reached. It is assumed that the use of the developed solution will help to reduce the number of weak points and architectural defects in microcontroller-based systems, thereby significantly reducing their attack surface.

    Design Technique for Secure Embedded Devices: Application for Creation of Integrated Cyber-Physical Security System

    As elements of complex information systems, embedded devices define informational and physical connections between the level of software control of the system on the one hand, and its technical environment and users on the other. Because they operate in a potentially volatile and untrusted cyber-physical environment, use insufficiently secure communication channels and sensors, and are exposed to various external influences, such devices are subject to specific attacks. As a result, the design of such systems is a challenging task that often requires expert-based solutions. The main contribution of the paper is a design technique for secure embedded devices based on combinations of security components, an optimization approach and software tools developed for decision-making support. The correctness of the technique is confirmed by its use in the development of the integrated cyber-physical security system.

    Design of Secure Microcontroller-Based Systems: Application to Mobile Robots for Perimeter Monitoring

    No full text
    This paper describes an original methodology for the design of microcontroller-based physical security systems and its application to a system of mobile robots. The novelty of the proposed methodology lies in combining various design algorithms on the basis of abstract and detailed system representations. The suggested design approach, which is based on the methodology, is modular and extensible, takes into account the security of the physical layer of the system, works with the abstract system representation and looks for a trade-off between the security of the final solution and the resources expended on it. Moreover, unlike existing solutions, the methodology has a strong focus on security. It is aimed at ensuring the protection of the system against attacks at the design stage, considers security components as an integral part of the system and checks whether the system can be designed in accordance with the given requirements and limitations. An experimental evaluation of the methodology was conducted with the help of its software implementation, which consists of a Python script, a PostgreSQL database and a Tkinter interface and is available for download on our GitHub. As a use case, the system of mobile robots for perimeter monitoring was chosen. During the experimental evaluation, the design time was measured depending on the parameters of the attacker against which system security must be ensured. Moreover, the software implementation of the methodology was analyzed for compliance with the requirements and compared with analogues. The advantages and disadvantages of the methodology as well as future work directions are indicated.

    Models, algorithms and methodology for design of microcontroller-based physical security systems protected from cyber-physical attacks

    No full text
    One possible way to ensure the security of microcontroller-based systems is to apply a security-by-design approach. Unfortunately, existing approaches are not without drawbacks, which is why this thesis aims to develop a new one. Moreover, among all possible systems, only physical security systems were chosen as the application area in this work. The main results of the work are original models, algorithms, a methodology and a software implementation. Their correctness was checked on a system of mobile robots for perimeter monitoring. The evaluation of the developed solution showed that it satisfies all requirements while having advantages over commercial and scientific analogues, which means that the goal of this work was reached. It is assumed that the use of the developed solution will help to reduce the number of weak points and architectural defects in microcontroller-based systems, thereby significantly reducing their attack surface.

    Models, algorithms and methodology for design of microcontroller-based physical security systems protected from cyber-physical attacks

    No full text
    One possible way to ensure the security of microcontroller-based systems is to apply a security-by-design approach. Unfortunately, existing approaches are not without drawbacks, which is why this thesis aims to develop a new one. Moreover, among all possible systems, only physical security systems were chosen as the application area in this work. The main results of the work are original models, algorithms, a methodology and a software implementation. Their correctness was checked on a system of mobile robots for perimeter monitoring. The evaluation of the developed solution showed that it satisfies all requirements while having advantages over commercial and scientific analogues, which means that the goal of this work was reached. It is assumed that the use of the developed solution will help to reduce the number of weak points and architectural defects in microcontroller-based systems, thereby significantly reducing their attack surface.

    Models, algorithms and methodology for design of microcontroller-based physical security systems protected from cyber-physical attacks

    No full text
    One possible way to ensure the security of microcontroller-based systems is to apply a security-by-design approach. Unfortunately, existing approaches are not without drawbacks, which is why this thesis aims to develop a new one. Moreover, among all possible systems, only physical security systems were chosen as the application area in this work. The main results of the work are original models, algorithms, a methodology and a software implementation. Their correctness was checked on a system of mobile robots for perimeter monitoring. The evaluation of the developed solution showed that it satisfies all requirements while having advantages over commercial and scientific analogues, which means that the goal of this work was reached. It is assumed that the use of the developed solution will help to reduce the number of weak points and architectural defects in microcontroller-based systems, thereby significantly reducing their attack surface.

    SEPAD - Security Evaluation Platform for Autonomous Driving

    No full text
    The development and evaluation of security solutions for autonomous vehicles is a challenging task. Many researchers have no access to real vehicles to implement and test their solutions. In addition, the vehicle E/E architectures of different brands, or even of different model series from one car manufacturer, differ significantly. Also, vehicles may be the source of physical hazards, e.g., an exploding airbag. To enable researchers to develop, implement, and evaluate new security solutions for autonomous vehicles, we propose a new security evaluation platform called SEPAD and a dedicated development process for testing security mechanisms with it. SEPAD allows realistic E/E architectures to be modeled, in which the developed security solutions can be integrated and evaluated without causing safety risks for the researcher or other road users.