Designing Security-enhanced Embedded Systems: Bridging Two Islands of Expertise
Linköping University, Department of Computer and Information Science. Linköping University, The Institute of Technology. (Real-time Systems Laboratory)
2013 (English). Licentiate thesis, monograph (Other academic)
Abstract [en]

The increasing prevalence of embedded devices and a boost in sophisticated attacks against them make embedded system security an intricate and pressing issue. New approaches to support the development of security-enhanced systems need to be explored. We realise that efficient transfer of knowledge from security experts to embedded system engineers is vitally important, but hardly achievable in current practice. This thesis proposes a Security-Enhanced Embedded system Design (SEED) approach, which is a set of concepts, methods, and tools that together aim at addressing this challenge of bridging the gap between the two areas of expertise.

First, we introduce the concept of a Domain-Specific Security Model (DSSM) as a suitable abstraction to capture the knowledge of security experts in such a way that this knowledge can later be reused by embedded system engineers. Each DSSM characterises common security issues of a specific application domain in the form of security properties, which are further linked to a range of solutions.

As a next step, we complement a DSSM with the concept of a Performance Evaluation Record (PER) to account for the resource-constrained nature of embedded systems. Each PER characterises the resource overhead created by a security solution, a provided level of security, and the evaluation technique applied.

Finally, we define a process that assists an embedded system engineer in selecting a relevant set of security solutions. The process couples together (i) the use of the security knowledge accumulated in DSSMs and PERs, (ii) the identification of security issues in a system design, and (iii) the analysis of resource constraints of a system and available security solutions. The approach is supported by a set of tools that automate certain of its steps.

We use a case study from the smart metering domain to demonstrate how the SEED approach can be applied. We show that our approach adequately supports security experts in describing knowledge about security solutions in the form of formalised ontologies, and embedded system engineers in integrating an appropriate set of security solutions based on that knowledge.

Place, publisher, year, edition, pages
Linköping University Electronic Press, 2013. 111 p.
Series
Linköping Studies in Science and Technology. Thesis, ISSN 0280-7971 ; 1624
National Category
Computer Science
Identifiers
URN: urn:nbn:se:liu:diva-98213
DOI: 10.3384/lic.diva-98213
Local ID: LiU-Tek-Lic-2013:58
ISBN: 978-91-7519-486-8 (print)
OAI: oai:DiVA.org:liu-98213
DiVA: diva2:662313
Presentation
2013-11-27, Alan Turing, House E, Campus Valla, Linköping University, Linköping, 13:15 (English)
Opponent
Supervisors
Funder
EU, FP7, Seventh Framework Programme
Available from: 2013-11-11. Created: 2013-10-03. Last updated: 2013-11-11. Bibliographically approved.

Open Access in DiVA

Designing Security-enhanced Embedded Systems: Bridging Two Islands of Expertise (3332 kB), 1892 downloads
File information
File name: FULLTEXT01.pdf; File size: 3332 kB; Checksum: SHA-512
66c3bc89bde8c93412da5fe9acc4c624edc4c3cd55fcaeb4a42498a01ad6afd4c093440becb5d6f835f95b94fb293448bd879535a784644e5d3aea501c6a26bb
Type: fulltext; Mimetype: application/pdf
Cover (81 kB), 31 downloads
File information
File name: COVER01.pdf; File size: 81 kB; Checksum: SHA-512
059bfbcbfe5d557c722ce6bf28944ed161f6e76b12fbdaa9e0e926f02cbef41d67e9485fb9fef77d56bddaf7f591a240d78a15c99b38b31a183fc69fecf98152
Type: cover; Mimetype: application/pdf

By author/editor
Vasilevskaya, Maria
Total: 1892 downloads
The number of downloads is the sum of all downloads of full texts. It may include, e.g., previous versions that are no longer available.

Total: 1715 hits