Research and Engineering Issues
Here we provide short reviews of the most important publications in the area of the security of safety-important systems.

Ravi S. et al. (Ravi, S. et al., 2004) describe security-related gaps that are unique to commercial embedded system design. They present the importance and uniqueness of the embedded security challenges, together with an enumeration of security requirements, concepts, and design challenges. The paper, however, is limited to security processing requirements and architecture, illustrated with a popular secure sockets layer protocol and a processing workload example.

Grand J. (Grand, J., 2004) introduces the concepts of designing secure hardware in embedded systems. The major classes of attacks and the mindset of potential attackers are presented, and examples of previous hardware attacks are discussed. The author also presents a typical product development cycle and recommends ways to incorporate security, risk assessment, and policies into the process.

Huffmire T. et al. (Huffmire, T. et al., 2010) provide a comprehensive practical approach to managing security in FPGA designs, including both theoretical and practical aspects. They also address the lifecycle and operational threats against FPGA systems and give a holistic view of FPGA security, from formal top-level specification to low-level policy enforcement mechanisms, which integrates recent advances in the fields of computer security theory, languages, compilers and hardware.

Badrignans B. et al. (Badrignans, B. et al., 2011) present an analysis of current threats against embedded systems, especially FPGAs. The requirements of the FIPS 140-2 standard are discussed with a view to building a secure system. The authors also highlight current vulnerabilities of FPGAs at all levels of the security pyramid. Several hardware solutions are also described, especially at the logical, architectural and system levels (except the operating system and application levels), to provide a global solution.

Sadeghi A.-R. et al. (Sadeghi, A.-R. et al., 2011) discuss various issues related to physically unclonable functions, practical aspects of hardware-based cryptography, as well as problems related to policy enforcement, security in contactless tokens, and security architectures and applications in embedded devices.

Drimer S. (Drimer, S., 2009) underlines the importance of authenticating configurations as an additional capability of FPGAs and proposes a security protocol for remote reconfiguration of FPGA-based systems over insecure networks. Some problems related to reproducing and comparing FPGA implementation results are discussed, and payment systems, as ubiquitous embedded devices, are examined and evaluated in terms of security vulnerabilities, including a man-in-the-middle attack.

Regulation Issues
To date, a large number of basic regulatory documents have been developed throughout the world, covering various aspects of FPGAs, critical I&C systems (including NPP I&C systems) and security. Regulatory documents in these areas try to form a basis for developing secure (and reliable) I&C systems that are capable of assuring their intended functions (safety, security, etc.) throughout their life cycle. Regulatory documents pose general requirements and state the position and role of the appropriate regulatory bodies.

As a result of the conducted analysis, partially based on (Kharchenko, V. et al., 2012,a), some of the existing standards and regulatory documents, both national and international, can be divided into the following main trend areas (see Figure 1):
Regulatory documents related to critical I&C systems.