Skip to main content

2024 | OriginalPaper | Buchkapitel

ARM-PSA Embedded Hardware Threat Model for Onboard Controller of Cubesatellite

verfasst von : Yashodhan Vivek Mandke, Sunil B. Somani

Erschienen in: Advances in Photonics and Electronics

Verlag: Springer Nature Switzerland

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config
loading …

Abstract

This paper discusses the Threat model design of the onboard controller of Cubesatellite. The threat model design proposed in the paper is based on ARM-Platform Security Architecture (ARM-PSA) with the foundation of Common Criteria (CC) standard ISO/IEC 15408 and Microsoft’s STRIDE framework addressing critical security principles such as Authentication, Authorization, Repudiation, Confidentiality, Integrity, and Availability (CIA) Triad. The intention behind the selection of the ARM-PSA framework for designing the threat model is to address embedded security challenges such as threats to the micro-controller, embedded communication, hardware, firmware, and other peripherals associated with the onboard controller of cubesatellite. The minimalist hardware architecture for the onboard controller of a cubesatellite considered in the scope consists of a microcontroller, memory, and sensors. To counter the threats identified during threat modeling, the paper proposes security objectives against each threat, followed by a threat entry vector. This paper also addresses threats by side-channel attacks and fault injection attacks. The paper also proposes hardware exploit security threats not mentioned in ARM-PSA and adds hardware defense as a security objective to counter the same. Thus, it provides better coverage of threats in the ARM-PSA framework.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

  • über 102.000 Bücher
  • über 537 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Maschinenbau + Werkstoffe
  • Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 390 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Maschinenbau + Werkstoffe




 

Jetzt Wissensvorsprung sichern!

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 340 Zeitschriften

aus folgenden Fachgebieten:

  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Versicherung + Risiko




Jetzt Wissensvorsprung sichern!

Literatur
Zurück zum Zitat Arm Ltd., DEN 0072 (2020) Platform Security Boot Guide, 2020-07-30 Arm Ltd., DEN 0072 (2020) Platform Security Boot Guide, 2020-07-30
Zurück zum Zitat Arm Ltd., AES 0058 (2022) PSA Cryptography API 1.1 PAKE Extension, 2022-10-02 Arm Ltd., AES 0058 (2022) PSA Cryptography API 1.1 PAKE Extension, 2022-10-02
Zurück zum Zitat Arm Ltd., DEN 0128 (2023) Platform Security Model 1.1, 2023-06-11 Arm Ltd., DEN 0128 (2023) Platform Security Model 1.1, 2023-06-11
Zurück zum Zitat Arm Ltd., DEN 0112 (2020) Platform Threat Model and Security Goals 1.0, 2020-09-29 Arm Ltd., DEN 0112 (2020) Platform Threat Model and Security Goals 1.0, 2020-09-29
Zurück zum Zitat Arm Ltd., DEN 0106 (2020) Platform Security Requirements 1.0, 2020-10-09 Arm Ltd., DEN 0106 (2020) Platform Security Requirements 1.0, 2020-10-09
Zurück zum Zitat Arm Ltd., DEN 0101 (2022) Authenticated Debug Access Control 1.0 Architecture & Technology Group, 2022-05-18 Arm Ltd., DEN 0101 (2022) Authenticated Debug Access Control 1.0 Architecture & Technology Group, 2022-05-18
Zurück zum Zitat C. Fanjas, C. Gaine, D. Aboulkassimi, S. Pontié, O. Potin, Combined Fault Injection and Real-Time Side-Channel Analysis for Android Secure-Boot Bypassing. In: Editor, F., Editor, S. (eds.) Cryptology ePrint Archive, Paper 2022/602, https://eprint.iacr.org/2022/602 (2022) C. Fanjas, C. Gaine, D. Aboulkassimi, S. Pontié, O. Potin, Combined Fault Injection and Real-Time Side-Channel Analysis for Android Secure-Boot Bypassing. In: Editor, F., Editor, S. (eds.) Cryptology ePrint Archive, Paper 2022/602, https://​eprint.​iacr.​org/​2022/​602 (2022)
Zurück zum Zitat R. Khan, K. McLaughlin, D. Laverty, S. Sezer, STRIDE-based threat modeling for cyber-physical systems, IEEE PES (2017) R. Khan, K. McLaughlin, D. Laverty, S. Sezer, STRIDE-based threat modeling for cyber-physical systems, IEEE PES (2017)
Zurück zum Zitat A. Kumar, C. Scarborough, A. Yilmaz, M. Orshansky, Efficient simulation of EM side-channel attack resilience, in Proceedings of the 36th International Conference on Computer-Aided Design (ICCAD ‘17). IEEE Press, 123–130, (2017) A. Kumar, C. Scarborough, A. Yilmaz, M. Orshansky, Efficient simulation of EM side-channel attack resilience, in Proceedings of the 36th International Conference on Computer-Aided Design (ICCAD ‘17). IEEE Press, 123–130, (2017)
Zurück zum Zitat Arm Ltd., DEN0075 (2018) Asset Tracker Threat Model and Security Analysis (English language Protection Profile) Architecture & Technology Group, 2018-11-07 Arm Ltd., DEN0075 (2018) Asset Tracker Threat Model and Security Analysis (English language Protection Profile) Architecture & Technology Group, 2018-11-07
Zurück zum Zitat A. Mohamed, K. Anas, Aboelnaga, T. Amer, Abdelrahman, H. Ahmed, A. Mohammed, el-arwash, Hasna a Design and Implementation of an Onboard Computer and payload for Nano Satellite (CubeSat). Claremont-UC Undergraduate Research Conference on the European Union. 5. 361–364 (2022) A. Mohamed, K. Anas, Aboelnaga, T. Amer, Abdelrahman, H. Ahmed, A. Mohammed, el-arwash, Hasna a Design and Implementation of an Onboard Computer and payload for Nano Satellite (CubeSat). Claremont-UC Undergraduate Research Conference on the European Union. 5. 361–364 (2022)
Zurück zum Zitat N. Anusha, et al., Studies on the functionality of on-board computer in 1U CubeSat, in 2023 International Conference on Circuit Power and Computing Technologies (ICCPCT) 571–576. (2023) N. Anusha, et al., Studies on the functionality of on-board computer in 1U CubeSat, in 2023 International Conference on Circuit Power and Computing Technologies (ICCPCT) 571–576. (2023)
Zurück zum Zitat A. Shostack, S. Author, T. Author, Threat modeling: Designing for security. 1st edn. Willey (2014) A. Shostack, S. Author, T. Author, Threat modeling: Designing for security. 1st edn. Willey (2014)
Zurück zum Zitat S. Song, H. Kim, Y.-K. Chang, Design and Implementation of 3U CubeSat Platform Architecture 2018, Int. J. Aerosp. Eng. S. Song, H. Kim, Y.-K. Chang, Design and Implementation of 3U CubeSat Platform Architecture 2018, Int. J. Aerosp. Eng.
Zurück zum Zitat C. Whitnall, E. Oswald, A Critical Analysis of ISO 17825 (Testing methods for the mitigation of non-invasive attack classes against cryptographic modules). IACR Cryptology ePrint Archive. 2019-09-10 C. Whitnall, E. Oswald, A Critical Analysis of ISO 17825 (Testing methods for the mitigation of non-invasive attack classes against cryptographic modules). IACR Cryptology ePrint Archive. 2019-09-10
Zurück zum Zitat R. Zeif, M. Kubicka, A.J. Hörmer, Development and application of an embedded computer system for CubeSats exemplified by the OPS-SAT space mission. Elektrotech. Inftech. 139, 8–15 (2022)CrossRef R. Zeif, M. Kubicka, A.J. Hörmer, Development and application of an embedded computer system for CubeSats exemplified by the OPS-SAT space mission. Elektrotech. Inftech. 139, 8–15 (2022)CrossRef
Metadaten
Titel
ARM-PSA Embedded Hardware Threat Model for Onboard Controller of Cubesatellite
verfasst von
Yashodhan Vivek Mandke
Sunil B. Somani
Copyright-Jahr
2024
DOI
https://doi.org/10.1007/978-3-031-68038-0_19