1 option
Mechanism for Runtime Kernel Integrity Check without Additional IP and without TEE for Low/Mid Automotive Segments Harman International India Pvt Limited
- Format:
- Book
- Conference/Event
- Author/Creator:
- Thekkumbadan, Shyju, author.
- Conference Name:
- WCX SAE World Congress Experience (2022-04-05 : Detroit & Online, Michigan, United States)
- Language:
- English
- Physical Description:
- 1 online resource cm
- Place of Publication:
- Warrendale, PA SAE International 2022
- Summary:
- Vehicles have more connectivity options now-a-days and these increasing connection options are giving more chances for an intruder to exploit the system. So, the vehicle manufacturers need to make the ECU in the vehicle more secure. To make the system secure, the embedded system must secure all the assets in the system. Examples of assets are Software, Kernel or Operating system, cryptographic Keys, Passwords, user data, et cetera In this, securing the Kernel is extremely important as an intruder can even exploit the operating system characteristics just by changing the kernel code without introducing a trojan in the system. Also, the Kernel is the one entity that manages all permissions, so, if the kernel is hacked, these permissions also get compromised. The proposed approach is to make the kernel secure by doing the integrity check periodically of the kernel code loaded into the main memory of the system. This method uses ARM TrustZone technology which reduces the risk of attacks by hardware partition and separating the critical assets related to security. The Arm TrustZone technology protects the security-critical operations by executing them in a trusted execution environment (TEE). The idea to use the ARM TrustZone for the approach is, Kernel security check needs to be done at high privilege level than the Kernel. The kernel privilege level is Exception Level 1 (EL1), and the monitor code has the highest privilege level that is Exception Level 3 (EL3). This proposal can be used in all mid/low automotive ECUs where neither a dedicated hardware controller nor Trusted execution environment (TEE) is available
- Notes:
- Vendor supplied data
- Publisher Number:
- 2022-01-0126
- Access Restriction:
- Restricted for use by site license
The Penn Libraries is committed to describing library materials using current, accurate, and responsible language. If you discover outdated or inaccurate language, please fill out this feedback form to report it and suggest alternative language.