Software-Hardware Binding for Protection of Sensitive Data in Embedded Software

Bernhard Fischer, Daniel Dorfmeister, Flavio Ferrarotti, Manuel Penz, Michael Kargl, Martina Zeinzinger, Florian Eibensteiner

Abstract

Embedded software used in industrial systems frequently relies on data that ensures the correct and efficient operation of these systems. Thus, companies invest considerable resources in fine-tuning this data, making it their valuable intellectual property (IP). We present a novel protection mechanism for this IP that combines hardware fingerprints with Boolean logic. Unlike usual copy-protection approaches, unauthorised copies of the software still run on cloned devices but suboptimally. According to our security evaluation, only a complex dynamic analysis of the protected software running on the genuine target device can reveal the secret data. This makes the protection offered by our method more difficult to bypass. Notably, our approach does not require additional hardware, relying only on relatively simple updates to the software. We evaluate our protection mechanism by binding the parameters of a PID controller to a microcontroller unit (MCU) by using a physically unclonable function (PUF) based on its SRAM.

Paper Structure (15 sections, 10 equations, 2 figures)

Figures (2)

  • Figure 1: Dual-layer protection: only if $\mathit{recoverExprs}$ succeeds in obtaining the Boolean expressions $e$ on the target device, where the PUF response provides the Boolean assignment $a$, is the secret data $s$ recovered. Otherwise, i.e., whenever $\mathit{recoverExprs}$ fails or the PUF response gives a Boolean assignment $a' \neq a$ (or both), some predefined alternative data (not necessarily the same in all cases) is returned.
  • Figure 2: Performance evaluation of our proof of concept for different PUF sizes. The error bands show the standard deviation for different numbers of alternative data values $m$.
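
The behaviour described in the Figure 1 caption, as an added sketch that is not the authors' code or construction: Boolean expressions $e$ return the secret $s$ under the genuine assignment $a$ and one of $m$ predefined alternative values under any other assignment. The truth-table (DNF) encoding, the 4-bit PUF response and all values are assumptions made for illustration; $\mathit{recoverExprs}$ and PUF noise are not modelled.

```python
from itertools import product

# Constructed sample values (assumptions, not taken from the paper).
N_BITS = 4                          # toy PUF response length
A = (1, 0, 1, 1)                    # assignment a from the genuine device
SECRET = 0xB7                       # secret data s, e.g. a tuned controller gain
ALTERNATIVES = [0x40, 0x6C, 0x95]   # m = 3 predefined alternative values
WIDTH = 8                           # bits per data value


def build_exprs(n_bits, a, secret, alternatives, width):
    """Return one DNF expression per data bit, as a list of minterms.

    A minterm is a full assignment (tuple of 0/1) under which that data
    bit is 1. Assumed construction: `a` maps to `secret`, every other
    assignment maps to one of the alternative values.
    """
    exprs = [[] for _ in range(width)]
    for i, x in enumerate(product((0, 1), repeat=n_bits)):
        value = secret if x == a else alternatives[i % len(alternatives)]
        for j in range(width):
            if (value >> j) & 1:
                exprs[j].append(x)
    return exprs


def evaluate(exprs, assignment):
    """Evaluate each expression under an assignment and pack the data bits."""
    value = 0
    for j, minterms in enumerate(exprs):
        # A minterm is the conjunction of one literal per PUF bit.
        bit = any(all(xi == mi for xi, mi in zip(assignment, m))
                  for m in minterms)
        value |= int(bit) << j
    return value


EXPRS = build_exprs(N_BITS, A, SECRET, ALTERNATIVES, WIDTH)

if __name__ == "__main__":
    print(hex(evaluate(EXPRS, A)))              # genuine device
    print(hex(evaluate(EXPRS, (0, 0, 1, 1))))   # clone with a' != a
```

In this toy encoding the secret is the only value produced by exactly one assignment, so anyone who can read the expressions can single it out by counting; the sketch shows the evaluation step only and makes no claim about how the paper hides or structures $e$.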