Abstract
One of the hardest aspects of embedded software development is that of debugging, especially when faulty behavior is observed at the production or deployment stage. Non-intrusive observation of the system's behavior is often insufficient to infer the cause of the problem and identify and fix the bug. In this work, we present a novel approach for non-intrusive program tracing aimed at assisting developers in the task of debugging embedded systems at deployment or production stage, where standard debugging tools are usually no longer available. The technique is rooted in cryptography, in particular the area of side-channel attacks. Our proposed technique expands the scope of these cryptographic techniques so that we recover the sequence of operations from power consumption observations (power traces). To this end, we use digital signal processing techniques (in particular, spectral analysis) combined with pattern recognition techniques to determine blocks of source code being executed given the observed power trace. One of the important highlights of our contribution is the fact that the system works on a standard PC, capturing the power traces through the recording input of the sound card. Experimental results are presented and confirm that the approach is viable.
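The pipeline the abstract outlines (spectral features from a power-trace window, then pattern recognition to name the code block), sketched as an added example that is not the authors' code. The synthetic traces are constructed, and the block names, 64-sample window, nearest-template classifier and rejection threshold are all assumptions made for illustration.

```python
import cmath, math, random

def spectrum(window):
    """Unit-norm magnitude spectrum of one trace window (naive DFT, DC bin dropped)."""
    n = len(window)
    mags = [abs(sum(x * cmath.exp(-2j * math.pi * k * i / n)
                    for i, x in enumerate(window)))
            for k in range(1, n // 2)]
    norm = math.sqrt(sum(m * m for m in mags)) or 1.0
    return [m / norm for m in mags]

def synth_window(period, rng, n=64, noise=0.1):
    """Constructed stand-in for a sampled power trace: a current spike
    every `period` samples (one loop iteration) plus Gaussian noise."""
    return [1.0 + (i % period == 0) + rng.gauss(0, noise) for i in range(n)]

def train(labelled_windows):
    """Average the spectra of each labelled block into one template per block."""
    groups = {}
    for label, window in labelled_windows:
        groups.setdefault(label, []).append(spectrum(window))
    return {label: [sum(col) / len(col) for col in zip(*specs)]
            for label, specs in groups.items()}

def classify(window, templates, reject=0.5):
    """Nearest template by Euclidean distance; None when no template is
    close enough, i.e. the window matches no block seen in training."""
    s = spectrum(window)
    label, dist = min(((lab, math.dist(s, t)) for lab, t in templates.items()),
                      key=lambda pair: pair[1])
    return label if dist <= reject else None

def demo(seed=1):
    rng = random.Random(seed)
    # Hypothetical blocks, told apart only by their loop period in samples.
    blocks = {"block_A": 4, "block_B": 8}
    training = [(lab, synth_window(p, rng))
                for lab, p in blocks.items() for _ in range(20)]
    templates = train(training)
    # Observed windows; period 16 belongs to code that was never trained.
    observed = [4, 8, 8, 4, 16]
    return [classify(synth_window(p, rng), templates) for p in observed]

if __name__ == "__main__":
    print(demo())
```

The `None` result for the untrained period is the case that matters when debugging a deployed unit: execution that fits no known block is flagged instead of being forced onto the nearest label.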
Non-intrusive program tracing and debugging of deployed embedded systems through side-channel analysis
LCTES '13: Proceedings of the 14th ACM SIGPLAN/SIGBED conference on Languages, compilers and tools for embedded systems