A lightweight monitoring service for multi-core embedded systems

Hiromasa Shimada, Alexandre Courbot, Yuki Kinebuchi, Tatsuo Nakajima

    Research output: Chapter in Book/Report/Conference proceedingConference contribution

    9 Citations (Scopus)

    Abstract

    The recent increase in complexity and functionality in embedded systems makes them more vulnerable to rootkit-type attacks, raising the need for integrity management systems. However, as of today there is no such system that can guarantee the system's safety while matching the low-resource, real-time and multi-core requirements of embedded systems. In this paper, we present a Virtual Machine Monitor (VMM) based monitoring service for embedded systems that checks the actual kernel data against a safe data specification. However, due to the VMM and multi-core nature of the system, the guest OS can be preempted at any time, leading to the checking of potentially inconsistent states. We evaluated two approaches to solve this problem: detecting such invalid states by checking specific kernel data, and detecting system calls using the VMM.

    Original languageEnglish
    Title of host publicationISORC 2010 - 2010 13th IEEE International Symposium on Object/Component/Service-Oriented Real-Time Distributed Computing
    Pages202-209
    Number of pages8
    Volume1
    DOIs
    Publication statusPublished - 2010
    Event13th IEEE International Symposium on Object, Component, and Service-Oriented Real-Time Distributed Computing, ISORC 2010 - Carmona, Sevilla
    Duration: 2010 May 52010 May 6

    Other

    Other13th IEEE International Symposium on Object, Component, and Service-Oriented Real-Time Distributed Computing, ISORC 2010
    CityCarmona, Sevilla
    Period10/5/510/5/6

    Fingerprint

    Embedded systems
    Embedded Systems
    Monitoring
    Virtual Machine
    Monitor
    Computer monitors
    Security systems
    kernel
    Specifications
    Inconsistent
    Integrity
    Safety
    Attack
    Virtual machine
    Specification
    Real-time
    Resources
    Requirements
    Malware

    ASJC Scopus subject areas

    • Computational Theory and Mathematics
    • Computer Science Applications
    • Theoretical Computer Science

    Cite this

    Shimada, H., Courbot, A., Kinebuchi, Y., & Nakajima, T. (2010). A lightweight monitoring service for multi-core embedded systems. In ISORC 2010 - 2010 13th IEEE International Symposium on Object/Component/Service-Oriented Real-Time Distributed Computing (Vol. 1, pp. 202-209). [5479553] https://doi.org/10.1109/ISORC.2010.12

    A lightweight monitoring service for multi-core embedded systems. / Shimada, Hiromasa; Courbot, Alexandre; Kinebuchi, Yuki; Nakajima, Tatsuo.

    ISORC 2010 - 2010 13th IEEE International Symposium on Object/Component/Service-Oriented Real-Time Distributed Computing. Vol. 1 2010. p. 202-209 5479553.

    Research output: Chapter in Book/Report/Conference proceedingConference contribution

    Shimada, H, Courbot, A, Kinebuchi, Y & Nakajima, T 2010, A lightweight monitoring service for multi-core embedded systems. in ISORC 2010 - 2010 13th IEEE International Symposium on Object/Component/Service-Oriented Real-Time Distributed Computing. vol. 1, 5479553, pp. 202-209, 13th IEEE International Symposium on Object, Component, and Service-Oriented Real-Time Distributed Computing, ISORC 2010, Carmona, Sevilla, 10/5/5. https://doi.org/10.1109/ISORC.2010.12
    Shimada H, Courbot A, Kinebuchi Y, Nakajima T. A lightweight monitoring service for multi-core embedded systems. In ISORC 2010 - 2010 13th IEEE International Symposium on Object/Component/Service-Oriented Real-Time Distributed Computing. Vol. 1. 2010. p. 202-209. 5479553 https://doi.org/10.1109/ISORC.2010.12
    Shimada, Hiromasa ; Courbot, Alexandre ; Kinebuchi, Yuki ; Nakajima, Tatsuo. / A lightweight monitoring service for multi-core embedded systems. ISORC 2010 - 2010 13th IEEE International Symposium on Object/Component/Service-Oriented Real-Time Distributed Computing. Vol. 1 2010. pp. 202-209
    @inproceedings{89e89bd64c1749089d2ca8efd70a6c12,
    title = "A lightweight monitoring service for multi-core embedded systems",
    abstract = "The recent increase in complexity and functionality in embedded systems makes them more vulnerable to rootkit-type attacks, raising the need for integrity management systems. However, as of today there is no such system that can guarantee the system's safety while matching the low-resource, real-time and multi-core requirements of embedded systems. In this paper, we present a Virtual Machine Monitor (VMM) based monitoring service for embedded systems that checks the actual kernel data against a safe data specification. However, due to the VMM and multi-core nature of the system, the guest OS can be preempted at any time, leading to the checking of potentially inconsistent states. We evaluated two approaches to solve this problem: detecting such invalid states by checking specific kernel data, and detecting system calls using the VMM.",
    author = "Hiromasa Shimada and Alexandre Courbot and Yuki Kinebuchi and Tatsuo Nakajima",
    year = "2010",
    doi = "10.1109/ISORC.2010.12",
    language = "English",
    isbn = "9780769540375",
    volume = "1",
    pages = "202--209",
    booktitle = "ISORC 2010 - 2010 13th IEEE International Symposium on Object/Component/Service-Oriented Real-Time Distributed Computing",

    }

    TY - GEN

    T1 - A lightweight monitoring service for multi-core embedded systems

    AU - Shimada, Hiromasa

    AU - Courbot, Alexandre

    AU - Kinebuchi, Yuki

    AU - Nakajima, Tatsuo

    PY - 2010

    Y1 - 2010

    N2 - The recent increase in complexity and functionality in embedded systems makes them more vulnerable to rootkit-type attacks, raising the need for integrity management systems. However, as of today there is no such system that can guarantee the system's safety while matching the low-resource, real-time and multi-core requirements of embedded systems. In this paper, we present a Virtual Machine Monitor (VMM) based monitoring service for embedded systems that checks the actual kernel data against a safe data specification. However, due to the VMM and multi-core nature of the system, the guest OS can be preempted at any time, leading to the checking of potentially inconsistent states. We evaluated two approaches to solve this problem: detecting such invalid states by checking specific kernel data, and detecting system calls using the VMM.

    AB - The recent increase in complexity and functionality in embedded systems makes them more vulnerable to rootkit-type attacks, raising the need for integrity management systems. However, as of today there is no such system that can guarantee the system's safety while matching the low-resource, real-time and multi-core requirements of embedded systems. In this paper, we present a Virtual Machine Monitor (VMM) based monitoring service for embedded systems that checks the actual kernel data against a safe data specification. However, due to the VMM and multi-core nature of the system, the guest OS can be preempted at any time, leading to the checking of potentially inconsistent states. We evaluated two approaches to solve this problem: detecting such invalid states by checking specific kernel data, and detecting system calls using the VMM.

    UR - http://www.scopus.com/inward/record.url?scp=77954787341&partnerID=8YFLogxK

    UR - http://www.scopus.com/inward/citedby.url?scp=77954787341&partnerID=8YFLogxK

    U2 - 10.1109/ISORC.2010.12

    DO - 10.1109/ISORC.2010.12

    M3 - Conference contribution

    SN - 9780769540375

    VL - 1

    SP - 202

    EP - 209

    BT - ISORC 2010 - 2010 13th IEEE International Symposium on Object/Component/Service-Oriented Real-Time Distributed Computing

    ER -