Rugged embedded systems computing in harsh environments
Rugged Embedded Systems: Computing in Harsh Environments describes how to design reliable embedded systems for harsh environments, including architectural approaches, cross-stack hardware/software techniques, and emerging challenges and opportunities. A "harsh environment" presents inheren...
Format: | eBook |
---|---|
Language: | English |
Published: | Amsterdam, [Netherlands] : Morgan Kaufmann, 2017. |
Edition: | First edition |
See on Biblioteca Universitat Ramon Llull: | https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009631654506719 |
Table of Contents:
- Front Cover
- Rugged Embedded Systems: Computing in Harsh Environments
- Copyright
- Dedication
- Contents
- Contributors
- Preface
- Chapter 1: Introduction
- 1. Who This Book Is For
- 2. How This Book Is Organized
- Acknowledgments
- References
- Chapter 2: Reliable and power-aware architectures: Fundamentals and modeling
- 1. Introduction
- 2. The Need for Reliable Computer Systems
- 2.1. Sustaining Quality of Service in the Presence of Faults, Errors, and Failures
- 2.2. Processing Phases of Computing System Resiliency
- 3. Measuring Resilience
- 3.1. Cost Metrics
- 3.2. Effectiveness Metrics
- 4. Metrics on Power-Performance Impact
- 5. Hard-Error Vulnerabilities
- 6. Soft-Error Vulnerabilities
- 6.1. Application Characterization Through Fault Injection
- 7. Microbenchmark Generation
- 7.1. Overview
- 7.2. Example of a Microbenchmark Generation Process
- 8. Power and Performance Measurement and Modeling
- 8.1. In-Band Versus Out-of-Band Data Collection
- 8.2. Processor Performance Counters
- 8.3. Power Modeling
- 9. Summary
- References
- Chapter 3: Real-time considerations for rugged embedded systems
- 1. Operating in Harsh Environments
- 2. Case Study: A Field Programmable Gate Array Prototype for the Validation of Real-Time Algorithms
- 3. Architecture
- 3.1. Prototype
- 3.2. Multiprocessor Interrupt Controller
- 4. Real-time Support
- 4.1. MPDP Algorithm
- 4.2. Implementation Details
- 5. Evaluation
- 6. Conclusions
- References
- Chapter 4: Emerging resilience techniques for embedded devices
- 1. Advancing Beyond Static Redundancy and Traditional Fault-Tolerance Techniques
- 1.1. Comparison of Techniques
- 1.1.1. Desirable characteristics
- 1.1.2. Sustainability metrics
- Fault exploitation
- Recovery granularity
- Fault capacity
- Fault coverage
- Critical components
- 2. Autonomous Hardware-Oriented Mitigation Techniques for Survivable Systems
- 2.1. Functional Diagnosis of Reconfigurable Fabrics
- 2.1.1. Reconfiguration Algorithm 1: Divide-and-conquer method
- 2.1.2. Reconfiguration Algorithm 2: FaDReS
- Hardware organization in FaDReS technique
- Anomaly detection, isolation, and recovery
- 2.1.3. Reconfiguration Algorithm 3: PURE
- 2.1.4. Reconfiguration Algorithm 4: FHME
- Fault mitigation strategy
- Detection of hardware faults
- Fault diagnosis using dynamic redundancy
- Phase 1: Identifying a healthy APE
- Phase 2: Isolation of faulty APEs
- Fault recovery
- 2.2. FPGA Refurbishment Using Evolutionary Algorithms
- 2.2.1. Fault isolation via back tracing
- 2.2.2. NDER technique
- 2.2.3. Evaluating the efficacy of NDER approach
- 2.3. Summary
- 3. Tradeoffs of Resilience, Quality, and Energy in Embedded Real-Time Computation
- 3.1. Performance, Power, and Resilience Characterization for FaDReS and PURE Algorithms
- 3.2. Energy Savings and Fault-Handling Capability of FHME
- 3.2.1. Energy saving in reconfigurable design
- 3.2.2. Online recovery results of FHME core
- 3.2.3. Comparisons and tradeoffs for TMR vs. DRFI
- 3.3. Reliability and Energy Tradeoffs at NTV
- 3.3.1. Soft errors in logic paths
- 3.3.2. NMR systems at near-threshold voltage
- 3.3.3. Energy cost of mitigating variability in NMR arrangements
- 3.3.4. Cost of increased reliability at NTV
- 3.4. Summary
- References
- Chapter 5: Resilience for extreme scale computing
- 1. Introduction
- 2. Resilience in Scientific Applications
- 3. System-Level Resilience
- 3.1. User-Level Checkpointing
- 3.2. Privileged-Level Checkpointing
- 4. Application-Specific Fault Tolerance Techniques
- 5. Resilience for Exascale Supercomputers
- 5.1. Checkpoint/Restart at Exascale
- 5.2. Flat I/O Bandwidth
- 5.3. Task-Based Programming Models
- 5.4. Performance Anomalies
- 6. Conclusions
- References
- Chapter 6: Security in embedded systems
- 1. Not Covered in This Chapter
- 2. Motivation
- 2.1. What Is Security?
- 2.2. Fundamental Principles
- 2.2.1. Confidentiality
- 2.2.2. Integrity
- 2.2.3. Availability
- 2.3. Threat Model
- 2.3.1. Vulnerability
- 2.3.2. Threat
- 2.3.3. Risk
- 2.3.4. Asset
- 2.3.5. Exposure
- 2.3.6. Safeguard
- 2.4. Access Control
- 2.4.1. Identification
- 2.4.2. Authentication
- 2.4.3. Authorization
- 2.4.4. Accountability
- 2.5. Security Policy
- 2.6. Why Cyber?
- 2.7. Why is Security Important?
- 2.8. Why Are Cyber Attacks so Prevalent and Growing?
- 2.8.1. Mistakes in software
- 2.8.2. Opportunity scale created by the Internet
- 2.8.3. Changing nature of the adversaries
- 2.8.4. Financial gain opportunities
- 2.8.5. Ransomware
- 2.8.6. Industrial espionage
- 2.8.7. Transformation into cyber warfare
- 2.9. Why Isn't Our Security Approach Working?
- 2.9.1. Asymmetrical
- 2.9.2. Architectural flaws
- 2.9.3. Software complexity: many vulnerabilities
- 2.9.4. Complacence, fear, no regulatory pressure to act
- 2.9.5. Lack of expertise
- 2.10. What Does This Mean for the IoT Security?
- 2.11. Attacks Against Embedded Systems
- 2.11.1. Stuxnet
- 2.11.2. Flame, Gauss, and Duqu
- Flame
- Gauss
- Duqu
- 2.11.3. Routers
- Aviation
- Automotive
- Medical
- Pace makers
- Diabetes glucose monitors and insulin pumps
- 2.12. ATM "Jackpotting"
- 2.13. Military
- 2.14. Infrastructure
- 2.14.1. Electric grid
- 2.15. Point-Of-Sale Systems
- 2.16. Social Engineering
- 2.16.1. Spoofing email
- 2.16.2. Phishing
- 2.16.3. Password guessing
- 2.17. How Bad Could This Be?
- 2.17.1. Heartbleed
- 2.17.2. Shellshock
- 2.17.3. Blackouts
- 3. Security & Computer Architecture
- 3.1. Processor Architectures and Security Flaws
- 3.2. Solving the Processor Architecture Problem
- 3.3. Fully Exploiting Metadata Tags
- 3.4. Processor Interlocks for Policy Enforcement
- 3.5. Micro-Policies
- 3.5.1. μ-Policies enforce security
- 3.5.2. Memory safety μ-policy
- 3.5.3. Control flow integrity μ-policy
- 3.5.4. Taint tracking μ-policy
- 3.5.5. Composite policies
- 3.6. Self-Protection
- 3.6.1. Metadata protection
- 3.6.2. PIPE protection
- 3.6.3. The Dover processor
- References
- Chapter e6: Embedded security
- 1. Important Security Concepts
- 1.1. Identification and Registration
- 1.2. Authentication
- 1.2.1. Level 1
- 1.2.2. Level 2
- 1.2.3. Level 3
- 1.2.4. Level 4
- 1.2.5. Multifactor authentication
- 1.3. Authorization
- 1.4. Cryptography
- 1.4.1. Shared key encryption
- 1.4.2. Public key technologies
- Public key encryption
- Digital signature basics
- Hashing the message to a message digest
- Public key encryption of the message digest
- Signature verification
- Integrity without nonrepudiation
- 1.4.3. Certificates, CAs, and CA hierarchies: public key infrastructure
- Digital certificates are containers for public keys
- Certificate authorities issue (and sign) digital certificates
- Certificate revocation for dealing with public keys gone bad
- 1.4.4. SSL Transport Layer Security
- 1.5. Other Ways to Keep Secrets
- 1.5.1. One-time pad
- 1.5.2. Steganography
- 1.5.3. One-way functions
- 1.5.4. Elliptic curve cryptography
- 1.6. Discovering Root Cause
- 1.6.1. Automatically determining root cause
- 1.7. Using Diversity for Security [4]
- 1.8. Defense in Depth
- 1.9. Least Privilege
- 1.10. Antitampering
- 2. Security and Network Architecture
- 2.1. IPsec
- 2.1.1. Transport mode
- 2.1.2. Tunnel mode
- 2.1.3. VPN
- 2.1.4. TLS/SSL
- 2.2. Firewalls
- 2.3. Intrusion Detection
- 2.3.1. Network intrusion-detection systems
- 2.3.2. Host intrusion-detection systems
- 2.3.3. Limitations
- 2.4. Antivirus Systems
- 2.5. Security Information Management
- 2.6. Network-Based Attacks
- 2.6.1. Denial of service (DoS)
- Types of DoS attacks
- Internet control message protocol (ICMP) flood
- (S)SYN flood
- Distributed denial-of-service
- 2.6.2. Man-in-the-middle
- Defenses against the attack
- 2.7. Introduction-Based Routing [12]
- 3. Software Vulnerability and Cyber Attacks
- 3.1. Common Weakness Enumeration
- 3.2. Common Vulnerability and Exposures
- 3.3. Who Are the Attackers
- 3.3.1. Script kiddies
- 3.3.2. Vandals
- 3.3.3. Profiteers
- 3.4. How Do the Attackers Operate?
- 3.4.1. Zero-day exploits
- 3.4.2. The good guys vs the bad guys
- 3.4.3. Vulnerability timeline
- 3.4.4. RSA attack
- 3.4.5. Multistage attacks
- 3.4.6. Advanced persistent threats
- 3.4.7. Insiders
- 3.5. How Could We Stop the Attacks?
- 3.5.1. What would have stopped the Stuxnet attack against SCADA controllers?
- 3.5.2. What would have stopped the Target attack against POS systems?
- 3.6. Buffer Overflow Attacks
- 3.6.1. Use of the stack
- 3.6.2. Real stack overflow attacks
- 3.6.3. Heap overflow attacks
- 3.6.4. Stack protection
- 3.6.5. Writing secure code
- 3.7. Return-Oriented Programming Attacks
- 3.7.1. Return-into-library technique
- 3.7.2. Borrowed code chunks
- 3.7.3. Attacks
- 3.7.4. x86 architecture
- 3.7.5. Defenses
- 3.8. Code Injection Attacks
- 3.9. Side-Channel Attacks
- 3.9.1. Examples
- 3.9.2. Countermeasures
- 4. Security and Operating System Architecture
- 4.1. Least Privilege
- 4.2. Defense in Depth
- 4.2.1. Information assurance
- 4.3. Secure Operating Systems
- 4.3.1. HardenedBSD
- 4.3.2. Qubes OS
- 4.3.3. SELinux
- 4.3.4. Secure the boot and execution
- 4.3.5. UEFI
- 4.3.6. Coreboot