Integrating Security Modeling in Embedded System Design

1
Integrating Security Modeling in Embedded System
Design

• Jan Werner, Matt Eby, Janos Mathe, Gabor Karsai,
  Yuan Xue, Janos Sztipanovits
• Institute for Software Integrated Systems
• Vanderbilt University

2
Goals

• Extend model-based design flows with security
  modeling aspects
• Develop analysis methods for security properties
• Perform architectural trade-offs using
  system/security metrics
• Autogenerate implementation from models

3
Integrated Co-design Environment
Composition Platform
Functional Models
Component Models
OS Security Services
Access Control
HW/SW Arch
Componentized Model
Partitioning Model
Platform Model
Secure Component Structure Model
Deployment Model
Generators

• Domain-specific Modeling Languages (AADL,
  Simulink/StateFlow, )
• Security modeling for different platforms
• Model Analysis tools
• Code Generators

4
Testbed Configuration

• Different SW platforms
• Linux GRSecurity
• Others (LynxOS, VxWorks,..)

xPC PCI-DDA08/12 Data acquisition board
Single board computer SBC4495 from Micro/Sys
5
Experiment
F2
F1
Tank 1
Tank 2
Tank 3
On/Off Hi/Low
H1
H2
H3
X1
X2
1. Three tank control system model
2. Code generation
3. Deployment environment
4. Network attack on controller
6
Future work

• Modeling different security aspects access
  control, security measures, confidentiality, data
  leakage, privacy, attack trees
• Integrating security aspects in different Domain
  specific modeling languages
• Creating toolchains for complex security analysis
  and system deployment