Co-design Environment for Secure Embedded Systems. Matt Eby, Janos L. Mathe, Jan Werner, Gabor Karsai, Sandeep Neema, Janos Sztipanovits, Yuan Xue, Institute for Software Integrated Systems, Vanderbilt University.
Presentation transcript:

Co-design Environment for Secure Embedded Systems
Matt Eby, Janos L. Mathe, Jan Werner, Gabor Karsai, Sandeep Neema, Janos Sztipanovits, Yuan Xue
Institute for Software Integrated Systems, Vanderbilt University
April 27-28, 2006

Comparison of AADL and the Security Extended AADL

Gain with the Security Extended AADL:
- Introducing security at the design level
- Consistent and automatic configuration of the security services offered by the operating system and middleware
- Investigating design tradeoffs between performance and security properties
- Verifying required security properties using explicit security models

[Figure: AADL Execution Environment, AADL versus Extended AADL. Left (AADL): Embedded Hardware Target, Real-Time Operating System, one AADL Runtime System hosting all Application Software Components. Right (Extended AADL): Embedded Hardware Target, Real-Time Operating System with an OS Security Extension exposed through an API, and a separate AADL Runtime System for each Application Software Component.]

Platform Security / Security Service Modeling
- Abstracts out the security properties of the platform that are essential for the design flow
- Security service providers:
  - OS (ex: Linux, LynxOS, WinCE)
  - HW (ex: space partitioning, memory protection)
  - Services of different applications (ex: web-browser-based authentication)
- Platform security models with sufficient detail enable code generators to access platform-specific security services

Mapping requirements to platform capabilities
- Theoretical security concepts (platform independent) yield the security requirements of a system
- Existing security solutions provided by different platforms yield the security capabilities of a platform
- The design flow maps requirements onto the underlying capabilities (ideally the requirements are a subset of the capabilities)

A DSML Example with the Security Extension: AADL with RBAC and Partitioning

Role Based Access Control (RBAC) building blocks:
- Objects: the entities subject to access control
- Operations: execution of some function on an object
- Permissions: approval to perform an operation on an RBAC-protected object
- Roles: a job function with assigned authority and responsibility
- Users: a human being, machine, network or agent requesting an operation on objects

Architecture Analysis & Design Language (AADL)
- Standard by SAE Aerospace (AS5506)
- Developed to model embedded systems with challenging resource constraints

[Figure: Definition of the AADL Language Security Extension Metamodel]

Incorporating Security into DSMLs
- Advantages of design-time security modeling
- Domain Specific Modeling Language (DSML) examples: SysML, AADL, UML

[Figure: Secure Code Generation flow, with boxes for Functional Models, Component Models, Componentized Model, Security Models, Secure Component Structure Model, Platform Security Model, Deployment Model, Source Files (ex: Simulink, hand-crafted code, etc.), Generators (Interpreters), and the generation targets: Composition Platform (ex: AADL), OS Security Services (ex: Access Control, Partitioning), HW/SW Architecture (ex: OS, Applications).]

Security Extension examples:
- Partitioning
- Role Based Access Control (RBAC)
- Secure Links
- Fair Exchange (guaranteed transactions)

Vulnerabilities addressed:
- Access violation
- Violation of authentication
- Violation of confidentiality
- Violation of integrity

[Figure: Experimental platform: a Plant Simulator connected through a Data Acquisition Board (DAQ) and a 10/100BASE-T or b network to three Embedded System Boards.]

Automatic Code Generation and Deployment
Reference: The process of AADL code generation
- Code generators traverse the model and produce secure code that enforces the RBAC policies.
- The code generator makes use of the partitioning capabilities of the underlying platform.
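As an added example (not code from the poster, nor from the ISIS tool chain), the following Python puts three of the ideas above into one runnable sketch: the RBAC building blocks (objects, operations, permissions, roles, users) as a deny-by-default policy, the requirements-to-capabilities mapping check, and a tiny model interpreter that traverses the model and emits a partition table and an access table as C source text. Every platform name, capability label, object, user and the output format are constructed assumptions; the real generator works on AADL models and platform security services, which this does not model.

```python
# Added example, not from the Vanderbilt/ISIS poster: a miniature "model
# interpreter" that takes an in-memory security model (RBAC building blocks
# plus a partition assignment), checks that its requirements are covered by
# the target platform's capabilities, and emits a C-style policy table.
# Platform names, capability labels, components and output format are all
# constructed for illustration.
from dataclasses import dataclass, field
from typing import Dict, FrozenSet, Set, Tuple

Permission = Tuple[str, str]  # (operation, object) pair


@dataclass
class RbacModel:
    """The five RBAC building blocks: objects, operations, permissions, roles, users."""
    objects: Set[str]
    operations: Set[str]
    role_perms: Dict[str, Set[Permission]] = field(default_factory=dict)  # role -> permissions
    user_roles: Dict[str, Set[str]] = field(default_factory=dict)         # user -> roles

    def grant(self, role: str, operation: str, obj: str) -> None:
        # A permission may only reference modelled objects and operations.
        if obj not in self.objects or operation not in self.operations:
            raise ValueError(f"unknown object/operation: {operation} on {obj}")
        self.role_perms.setdefault(role, set()).add((operation, obj))

    def assign(self, user: str, role: str) -> None:
        if role not in self.role_perms:
            raise ValueError(f"unknown role: {role}")
        self.user_roles.setdefault(user, set()).add(role)

    def authorized(self, user: str, operation: str, obj: str) -> bool:
        """Deny by default: a user is authorized only through an assigned role."""
        return any((operation, obj) in self.role_perms[r]
                   for r in self.user_roles.get(user, set()))


@dataclass
class PlatformSecurityModel:
    """Security capabilities a target platform offers (constructed labels)."""
    name: str
    capabilities: FrozenSet[str]


def unmet_requirements(required: Set[str], platform: PlatformSecurityModel) -> Set[str]:
    """Mapping step: ideally the requirements are a subset of the capabilities."""
    return required - platform.capabilities


def generate_config(rbac: RbacModel, partitions: Dict[str, str],
                    required: Set[str], platform: PlatformSecurityModel) -> str:
    """Traverse the model and emit a C-style policy table; refuse if the platform cannot enforce it."""
    missing = unmet_requirements(required, platform)
    if missing:
        raise ValueError(f"{platform.name} cannot enforce: {sorted(missing)}")
    lines = [f"/* generated for {platform.name} */"]
    # Partition table: each protected object lives in exactly one partition.
    lines.append("static const struct { const char *obj; const char *partition; } PARTITIONS[] = {")
    for obj in sorted(rbac.objects):
        lines.append(f'    {{ "{obj}", "{partitions[obj]}" }},')
    lines.append("};")
    # Access table: one row per (user, operation, object) the policy allows;
    # anything absent from the table is denied by the generated code.
    lines.append("static const struct { const char *user; const char *op; const char *obj; } ALLOW[] = {")
    for user in sorted(rbac.user_roles):
        for op in sorted(rbac.operations):
            for obj in sorted(rbac.objects):
                if rbac.authorized(user, op, obj):
                    lines.append(f'    {{ "{user}", "{op}", "{obj}" }},')
    lines.append("};")
    return "\n".join(lines)


def build_sample():
    """Constructed sample model: a small plant controller with two roles."""
    rbac = RbacModel(objects={"pump", "valve", "sensor_log"}, operations={"read", "actuate"})
    rbac.grant("operator", "actuate", "pump")
    rbac.grant("operator", "actuate", "valve")
    rbac.grant("operator", "read", "sensor_log")
    rbac.grant("auditor", "read", "sensor_log")
    rbac.assign("alice", "operator")
    rbac.assign("bob", "auditor")
    partitions = {"pump": "control", "valve": "control", "sensor_log": "logging"}
    required = {"access_control", "partitioning"}
    return rbac, partitions, required


if __name__ == "__main__":
    rbac, partitions, required = build_sample()
    target = PlatformSecurityModel("rtos_with_partitions",
                                   frozenset({"access_control", "partitioning", "memory_protection"}))
    print(generate_config(rbac, partitions, required, target))
```

The generator refuses to emit anything when a required service is not among the platform's capabilities, which is the "requirements are a subset of the capabilities" condition from the mapping slide turned into a build-time check rather than a runtime surprise.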