Mechanism for Runtime Kernel Integrity Check without Additional IP and without TEE for Low/Mid Automotive Segments
Vehicles have more connectivity options now-a-days and these increasing connection options are giving more chances for an intruder to exploit the system. So, the vehicle manufacturers need to make the ECU in the vehicle more secure. To make the system secure, the embedded system must secure all the assets in the system. Examples of assets are Software, Kernel or Operating system, cryptographic Keys, Passwords, user data, etc. In this, securing the Kernel is extremely important as an intruder can even exploit the operating system characteristics just by changing the kernel code without introducing a trojan in the system. Also, the Kernel is the one entity that manages all permissions, so, if the kernel is hacked, these permissions also get compromised. The proposed approach is to make the kernel secure by doing the integrity check periodically of the kernel code loaded into the main memory of the system. This method uses ARM TrustZone technology which reduces the risk of attacks by hardware partition and separating the critical assets related to security. The Arm TrustZone technology protects the security-critical operations by executing them in a trusted execution environment (TEE). The idea to use the ARM TrustZone for the approach is, Kernel security check needs to be done at high privilege level than the Kernel. The kernel privilege level is Exception Level 1 (EL1), and the monitor code has the highest privilege level that is Exception Level 3 (EL3). This proposal can be used in all mid/low automotive ECUs where neither a dedicated hardware controller nor Trusted execution environment (TEE) is available.
- Record URL:
-
Availability:
- Find a library where document is available. Order URL: http://worldcat.org/issn/01487191
-
Supplemental Notes:
- Abstract reprinted with permission of SAE International.
-
Authors:
- Thekkumbadan, Shyju
- Pacharla, Sreedhar Reddy
- Jose, Jipin
-
Conference:
- WCX SAE World Congress Experience
- Location: Detroit & Online Michigan, United States
- Date: 2022-4-5 to 2022-4-7
- Publication Date: 2022-3-29
Language
- English
Media Info
- Media Type: Web
- Features: References;
-
Serial:
- SAE Technical Paper
- Publisher: Society of Automotive Engineers (SAE)
- ISSN: 0148-7191
- EISSN: 2688-3627
- Serial URL: http://papers.sae.org/
Subject/Index Terms
- TRT Terms: Computer security; Connectivity; Electronic controllers; Embedded systems; Manufacturing; Networks
- Subject Areas: Highways; Vehicles and Equipment;
Filing Info
- Accession Number: 01841567
- Record Type: Publication
- Source Agency: SAE International
- Report/Paper Numbers: 2022-01-0126
- Files: TRIS, SAE
- Created Date: Apr 6 2022 2:18PM