Home // ADAPTIVE 2017, The Ninth International Conference on Adaptive and Self-Adaptive Systems and Applications // View article

Memory-Map Shuffling: An Adaptive Security-Risk Mitigation

Authors:
Pierre Schnarz
Andreas Rausch
Joachim Wietzke

Keywords: Security; Mixed-Criticality; Obfuscation; Automotive.

Abstract:
Automotive products, such as electronic control units, evolve increasingly towards adaptive solutions. From many perspectives, solutions need to be flexible with regards to the entire originating process and operation process. Here, the product development cycle, the product life-cycle and even product lines describe the dimensions a solution might have to adapt to. Certain requirements to secure the product continuously add further complexity to the aforementioned dimensions. Adversaries adapt - so the protection shall as well. However, adapting, particularly, technical solutions to products, implies the need for agnostic approaches. In this article, we propose a security-risk mitigation concept which aims to fit into the evolving automotive originating process applied to a particular class of electronic control units. Technically, the proposed approach shuffles the system memory-map of an asynchronous multiprocessing system. On the intermediate layer between the hardware and software, the assignment of memory and resources is obfuscated to a potential adversary who managed to breach one of the higher level memory protection mechanisms. As a result, the proposed mitigation adds either a further level in a defense-in-depth security architecture or fixes a structural vulnerability of certain hardware architectures.

Pages: 70 to 75

Copyright: Copyright (c) IARIA, 2017

Publication date: February 19, 2017

Published in: conference

ISSN: 2308-4146

ISBN: 978-1-61208-532-6

Location: Athens, Greece

Dates: from February 19, 2017 to February 23, 2017