查看文章

Devices such as stolen smart cards or compromised sensor nodes are easily accessible at the physical layer. This accessibility has led to several new security attacks in recent years in the areas of physical tampering and side-channel analysis. For example, Paul Kocher, Joshua Jaffe, and Benjamin Jun’s differential power analysis (DPA) attack shows that an adversary can monitor a smart card’s power line to extract the card’s cryptographic key. 2 Such attacks might be irrelevant to workstation-based security but are extremely important in embedded system design. An issue related to physical accessibility and portability is privacy, particularly with networked embedded systems. For example, the recent US Federal Communications Commission (FCC) mandate for enhanced 911 (the number citizens in North America call in case of emergency) requires a user’s location to be available to an emergency dispatcher, often through GPS devices on cell phones. This mandate has sparked a debate between safety and privacy advocates. In addition, as camera phones have pervaded society, laws have banned phones in places such as locker rooms and courtrooms because of potential privacy violations. In general, networked embedded systems have caused many new sociological and legal issues to emerge.

Storing data on an embedded system also creates privacy concerns. On the one hand, storing sensitive information on a device rather than on multiple servers minimizes the number of locations where an attack can occur. On the flip side, small devices can be easily lost or stolen, and hence must have extra security measures built in to ensure that …