Skip to main content
Disciplines
Automotive Business IT + Informatics Construction + Real Estate Electrical Engineering + Electronics Energy + Sustainability Insurance + Risk Finance + Banking Management + Leadership Marketing + Sales Mechanical Engineering + Materials
Events
DE
EN
Books
Journals
Topic Page
Marketing
Start single access now
Access for companies
EXTENDED SEARCH
Log in
Top
Published in:
Blockchain-Enabled Electronics Supply Chain Assurance Read chapter Read first chapter

2021 | OriginalPaper | Chapter

13. Firmware Protection

Authors : Muhammad Monir Hossain, Fahim Rahman, Farimah Farahmandi, Mark Tehranipoor

Published in: Emerging Topics in Hardware Security

Publisher: Springer International Publishing

Log in

Activate our intelligent search to find suitable subject content or patents.

search-config
loading …

Abstract

Assurance of an embedded system’s security depends mainly on the protection scheme of the firmware. Enhancing the security of the hardware alone cannot protect the systems from various adversarial attacks, while keeping the firmware undefensive against tampering, cloning, or reverse engineering. For developing a counterfeit embedded application, the principal target is to retrieve the original firmware from the authentic hardware platform so that the adversary can maximize the profits while investing significantly less. However, remarkable researches have been done to protect the firmware. There are both software- and hardware-assisted approaches for firmware protection. The traditional software-based approaches cannot protect the control flow and sensitive information entirely from being leaked out. Furthermore, software-based approaches incur significant memory and performance overhead. This chapter focuses on some robust approaches for firmware protection that leverage the intrinsic hardware signatures to bind the firmware with the trusted hardware platform. In these schemes, the firmware does not run on counterfeit hardware systems or vice versa.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

  • über 102.000 Bücher
  • über 537 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Maschinenbau + Werkstoffe
  • Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 390 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Maschinenbau + Werkstoffe




 

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 340 Zeitschriften

aus folgenden Fachgebieten:

  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Versicherung + Risiko




Jetzt Wissensvorsprung sichern!

inform now
previous chapter Software Security with Hardware in Mind
next chapter Security of Emerging Memory Chips
Literature
1.
F. Zhang, H. Wang, K. Leach, A. Stavrou, A framework to secure peripherals at runtime, in European Symposium on Research in Computer Security (Springer, Cham, 2014), pp. 219–238.
2.
M. LeMay, C.A. Gunter, Cumulative attestation kernels for embedded systems, in European Symposium on Research in Computer Security (Springer, Cham, 2009), pp. 655–670
3.
J. Maskiewicz, B. Ellis, J. Mouradian, H. Shacham, Mouse trap: Exploiting firmware updates in {USB} peripherals, in 8th {USENIX} Workshop on Offensive Technologies ({WOOT} 14) (2014)
4.
D. Morais, J. Lange, D.R. Simon, L.T. Chen, J.D. Benaloh, Use of hashing in a secure boot loader, Jun. 14 2005, US Patent 6,907,522
5.
D. Peck, D. Peterson, Leveraging Ethernet card vulnerabilities in field devices, in SCADA Security Scientific Symposium (2009), pp. 1–19
6.
A.M. Garcia Jr, Firmware modification analysis in programmable logic controllers, Air Force Institute of Technology Wright-Patterson AFB OH Graduate School of …, Technical Report, 2014
7.
J. Nagra, C. Collberg, Surreptitious Software: Obfuscation, Watermarking, and Tamperproofing for Software Protection: Obfuscation, Watermarking, and Tamperproofing for Software Protection (Pearson Education, Upper Saddle River, 2009)
8.
S. Schrittwieser, S. Katzenbeisser, Code obfuscation against static and dynamic reverse engineering, in International Workshop on Information Hiding (Springer, 2011), pp. 270–284
9.
P. Junod, J. Rinaldini, J. Wehrli, J. Michielin, Obfuscator-LLVM – software protection for the masses, in 2015 IEEE/ACM 1st International Workshop on Software Protection, May (2015), pp. 3–9
10.
J. Obermaier, S. Tatschner, Shedding too much light on a microcontroller’s firmware protection, in 11th {USENIX} Workshop on Offensive Technologies ({WOOT} 17) (2017)
11.
12.
P.C. Kocher, Timing attacks on implementations of Diffie-Hellman, RSA, DSA, and other systems, in Advances in Cryptology— Crypto, vol. 96 (1996), p. 104113
13.
C.S. Collberg, C. Thomborson, Watermarking, tamper-proofing, and obfuscation-tools for software protection. IEEE Trans. Softw. Eng. 28(8), 735–746 (2002)CrossRef
14.
C. Collberg, C. Thomborson, D. Low, A taxonomy of obfuscating transformations, Technical Report 148, Department of Computer Science, University of Auckland, July 1997
15.
J.X. Zheng, D. Li, M. Potkonjak, A secure and unclonable embedded system using instruction-level PUF authentication, in 2014 24th International Conference on Field Programmable Logic and Applications (FPL) (IEEE, Piscataway, 2014), pp. 1–4
16.
R.P. Lee, K. Markantonakis, R.N. Akram, Binding hardware and software to prevent firmware modification and device counterfeiting, in Proceedings of the 2nd ACM international workshop on cyber-physical system security (2016), pp. 70–81
17.
B. Cyr, J. Mahmod, U. Guin, Low-cost and secure firmware obfuscation method for protecting electronic systems from cloning. IEEE Internet Things J. 6(2), 3700–3711 (2019)CrossRef
18.
U. Guin, S. Bhunia, D. Forte, M.M. Tehranipoor, SMA: A system-level mutual authentication for protecting electronic hardware and firmware. IEEE Trans. Depend. Sec. Comput. 14(3), 265–278 (2016)
19.
B. Stamme, Anti-fuse memory provides robust, secure NVM option, in EE Times (2012)
20.
R.S. Chakraborty, S. Narasimhan, S. Bhunia, Embedded software security through key-based control flow obfuscation, in International Conference on Security Aspects in Information Technology (Springer, Berlin, 2011), pp. 30–44
21.
X. Zhuang, T. Zhang, H.-H.S. Lee, S. Pande, Hardware assisted control flow obfuscation for embedded processors, in Proceedings of the 2004 International Conference on Compilers, Architecture, and Synthesis for Embedded Systems (2004), pp. 292–302
Metadata
Title
Firmware Protection
Authors
Muhammad Monir Hossain
Fahim Rahman
Farimah Farahmandi
Mark Tehranipoor
Copyright Year
2021
Book
Emerging Topics in Hardware Security

Print ISBN: 978-3-030-64447-5

Electronic ISBN: 978-3-030-64448-2

Copyright Year: 2021

DOI
https://doi.org/10.1007/978-3-030-64448-2_13