Toronto Metropolitan University
Hardware Assisted Security Platform

thesis
posted on 2021-06-08, 08:03 authored by Mir Ahsan
Embedded systems are often used to monitor and control various dynamic and complex applications. However, with greater accessibility and added features on many embedded systems, more and more systems are being subjected to sophisticated and new types of attacks. As a result, the security aspect of embedded systems has become a critical design step. TrustZone has become a popular choice as a security design solution in systems where resources such as processing power and battery are limited. In TrustZone, two virtual processors called "secure world" and "normal world" run on the same core in a time-sliced manner. These worlds have partitioned hardware and software resources, with different modes of operation, isolated memory regions and interrupts. In this paper, the hardware and software architecture of TrustZone is analyzed from the perspective of embedded system security design. Then a mobile-ticketing system based on TrustZone is presented, which incorporates standard cryptographic engineering design practices to demonstrate the feasibility and effectiveness of such a system. The ticketing system is then simulated and a security threat analysis is performed in terms of known vulnerabilities such as buffer overflow, static and dynamic code/data tampering, Return Oriented Programming (ROP) exploits, and man-in-the-middle attacks. After evaluating the analysis results with various open source vulnerability analysis tools, it is conclusive that the system design is an effective solution, particularly for embedded systems.

Language

English

Degree

  • Master of Applied Science

Program

  • Electrical and Computer Engineering

Granting Institution

Ryerson University

LAC Thesis Type

  • Thesis

Year

2013
