Many embedded systems handle sensitive data or perform critical functions, making security an important consideration. While some of these threats are common in desktop systems, the general-purpose nature of a desktop and the commodity nature of the components comprising it prevent the deployment of meaningful architectural countermeasures. Such restrictions are less stringent in embedded systems, permitting the investigation of new security approaches, covering all aspects of system architecture design. However, such systems are severely resource-constrained in processing and battery capacities. Thus, purely software security solutions can overwhelm these capacities. Providing a secure implementation requires security measures that span various components in the system-on-chip (SoC), including hardware and software.
The aim of this research is to develop design methodologies to obtain efficient hardware/software implementations that can facilitate secure program execution or implement a given security policy in embedded systems. The first objective includes developing hardware/software design methodologies to support trusted platform module (TPM) functionality in resource-constrained embedded systems. TPM acts as a root of trust for the system that contains it, providing capabilities for secure storage, secure reporting of platform configuration measurements, and cryptographic key generation, among other functions. It is reported that by 2010, shipments of TPMs will reach 250 million, giving impetus to this research. The second objective includes design of a security-aware SoC communication architecture that can enforce a system-level security policy. The third objective includes developing techniques to facilitate the deployment of type-safe software