City Research Online

Diversity, Safety and Security in Embedded Systems: modelling adversary effort and supply chain risks

Gashi, I., Povyakalo, A. A. & Strigini, L. (2016). Diversity, Safety and Security in Embedded Systems: modelling adversary effort and supply chain risks. In: 2016 12th European Dependable Computing Conference (EDCC). IEEE. ISBN 978-1-5090-1582-5 doi: 10.1109/EDCC.2016.27


We present quantitative considerations for the design of redundancy and diversity in embedded systems with security requirements. The potential for malicious activity against these systems has complicated requirements and design choices. New design trade-offs have arisen besides those already familiar in this area: for instance, adding redundancy may increase the attack surface of a system and thus increase overall risk. Our case study concerns protecting redundant communications between a control system and its controlled physical system. We study the effects of using: (i) different encryption keys on replicated channels, and (ii) diverse encryption schemes and implementations. We consider two attack scenarios, with adversaries having access to (i) ways of reducing the search space in attacks using random searches for keys; or (ii) hidden major flaws in some crypto algorithm or implementation. Trade-offs between the requirements of integrity and confidentiality are found, but not in all cases. Simple models give useful design insights. In this system, we find that key diversity improves integrity without impairing confidentiality – no trade-offs arise between the two – and it can substantially increase adversary effort, but it will not remedy substantial weaknesses of the crypto system. Implementation diversity does involve design trade-offs between integrity and confidentiality, which we analyse, but turns out to be generally desirable for highly critical applications of the control system considered.

Publication Type: Conference or Workshop Item (Paper)
Additional Information: © 2016 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Departments: School of Science & Technology > Computer Science
Text - Accepted Version