Vasily Desnitsky

A Methodology for the Analysis and Modeling of Security Threats and Attacks for Systems of Embedded Components

The development of systems based on embedded components is a challenging task because of their distributed, reactive and real-time nature. From a security point of view, embedded devices are basically systems owned by a certain entity, used frequently as part of systems owned by other entities and operated in a potentially hostile environment. The development of security-enhanced systems of embedded components is a difficult task due to different types of threats that may affect such systems, and because the security in systems of embedded devices is currently added as an additional feature when the development is advanced, or avoided as a superfluous characteristic. We present in this paper a methodology for the analysis and modeling of threats and attacks for systems of embedded components. The Intruder Model allows us to describe possible actions a potential intruder can accomplish, depending on his/her capabilities, resources, etc. Using this information, we can define a Threat Model that will specify the threats and attacks that affect different security properties in specific domains.

Configuration-based approach to embedded device security

Development of embedded devices is a challenging task because of their varying, reactive and real-time nature. Conventionally embedded devices are considered as a part of systems owned by some other entities and operated in a potentially hostile environment. Embedded device development is an extremely complicated problem due to various types of threats and attacks the device subject to, and because the security in embedded devices is commonly provided as an additional feature at the final stages of the development process, or even neglected. In this paper we propose a new configuration model, which facilitates the design of secure and resource consumption efficient embedded devices. The model enables the search for the most effective combinations of security building blocks in terms of consumption of device resources.

Detection of anomalies in data for monitoring of security components in the Internet of Things

The increasing urgency and expansion of information systems implementing the Internet of Things (IoT) concept determine the importance of the investigation in the field of protection mechanisms against a wide range of information security threats. The increased complexity of such investigation is determined by a low structuring and formalization of expert knowledge on IoT systems. The paper encompasses an approach to elicitation and use of expert knowledge on detection of anomalies in data as well as their usage as an input for automated means aimed at monitoring security components of IoT.

Application of a Technique for Secure Embedded Device Design Based on Combining Security Components for Creation of a Perimeter Protection System

From information security point of view embedded devices are the elements of complex systems operating in a potentially hostile environment. Therefore development of embedded devices is a complex task that often requires expert solutions. The complexity of the task of developing secure embedded devices is caused by various types of threats and attacks that may affect the device, as well as that in practice security of embedded devices is usually considered at the final stage of the development process in the form of adding additional security features. The paper proposes a design technique and its application that will facilitate development of secure and energy-efficient embedded devices. The technique organizes the search for the best combinations of security components on the basis of solving an optimization problem. The efficiency of the proposed technique is demonstrated by development of a room perimeter protection system.

Automated design, verification and testing of secure systems with embedded devices based on elicitation of expert knowledge

The rising significance and widening of embedded systems stipulate the importance of the security means against a great deal of computer security threats. Such systems involving a diversity of an-hoc embedded and mobile electronic devices functioning with the use of a broadband Internet access and even cloud technologies, are referenced conventionally as Internet of Things systems (IoT). Due to specificity of IoT systems the application of the combined security mechanisms requires their efficient energy and computing resource consumption, identification of potential conflicts and incompatibilities, control of information flows, monitoring anomalies of data in the system and other issues. At that an increased design complexity of IoT systems is determined by a low structuring and formalization of security knowledge in the field. We proposed an approach to identification of embedded security expert knowledge for its subsequent use in automated design, verification and testing tools for secure IoT systems. The paper encompasses the core elements of the proposed technique, namely security component configuring, revelation of implicit conflicts, verification of network information flows and abnormal data from sensors. The domain specific analysis of the field of embedded security is described. We also present the revealed expert knowledge used for configuration, verification and testing of embedded devices. Issues of software implementation and discussion are covered.

Expert Knowledge Based Design and Verification of Secure Systems with Embedded Devices

The sweeping growth of the amount of embedded devices together with their extensive spread pose extensively new design challenges for protection of embedded systems against a wide set of security threats. The embedded device specificity implies combined protection mechanisms require effective resource consumption of their software/hardware modules. At that the design complexity of modern embedded devices, characterized by the proper security level and acceptable resource consumption, is determined by a low structuring and formalization of security knowledge. The paper proposes an approach to elicit security knowledge for subsequent use in automated design and verification tools for secure systems with embedded devices.

An approach for network information flow analysis for systems of embedded components

Systems (devices) with embedded components operate in a potentially hostile environment and have strong recourse limitations. The development of security-enhanced embedded components is a complicated task owning to different types of threats and attacks that may affect the device, and because the security in embedded devices is commonly provided as an additional feature at the final stages of the development process, or even neglected. In the paper we consider an approach to analysis of network information flows in systems containing embedded components. This approach helps to the system engineer to evaluate the embedded system from security point of view and to correct the architecture of future system on early stages of the development.

Security and scalability of remote entrusting protection

The paper outlines to the problem of correlation between security and scalability of software protection against tampering based on the remote entrusting principles. The goal of the paper is to propose a technique allowing choosing the most effective combination of different protection methods to apply. The technique is aimed at finding a trade-off between performance of the protection mechanism and its security, ensuring both a necessary security level and an appropriate scalability. The technique encompasses the evaluation of particular protection methods belonging to the whole protection mechanism and getting quantitative metrics of their performance and security level.

Modeling and Analysis of IoT Energy Resource Exhaustion Attacks

Subjection of wireless Internet of Things (IoT) devices to energy resource exhaustion attacks gets increasing importance. Being stealthy enough for an attack target and systems of its monitoring such attacks are capable to exhaust energy of the device in a relatively short period and thereby impair the function and availability of the device. The paper analyzes possible types of ERE attacks, proposes an intruder model regarding this kind of attacks and provides experimental studies on the basis of a developed use case.

Design of Entrusting Protocols for Software Protection

The paper considers the problem of design and analysis of entrusting protocols used within software protection mechanisms, including the protection mechanisms for Geographical Information Systems (GIS). The main goal of these mechanisms is to protect software against malicious tampering accomplished by potential intruders. The given protocol set is intended for data exchange between the trusted server and the client program being protected as necessary for the entire protection mechanism function. The paper presents the main security requirements for the entrusting protocols and their analysis. The model of the intruder attempting to fulfill attacks on the protocol to compromise it as well as issues connected with protocol implementation are considered. We propose the general technique to design these types of protocols, including formal methods of protocol construction and analysis. Specifically, besides conventional protocol development methods that embrace the search of possible attacks on the protocol (including formal means), consequent protocol correction, and formal verification, the paper considers the methods of automatic synthesis proposing correct-by-construction protocol design.