Embedded Systems Security
While actively engaged in the research and development of host-based security solutions to defend and counter attacks from malicious attackers, engineers at Southwest Research Institute (SwRI) focus research on developing systems that can be provably secure, efficient, and flexible. SwRI is an independent research and development organization that offers experience in assessing the needs of customers and developing innovative solutions to their host-based security issues. Areas of research include:
- Root-of-Trust Solutions
- Trusted Platform Modules
- Secure Computing Architectures
Developing a root-of-trust is an important part of designing a provably secure system. Engineers at SwRI focus their research on leveraging technology such as Intel Trusted Execution (TXT) and Trusted Platform Modules (TPMs) to develop a secure root-of-trust.
Trusted platform modules (TPMs) are secure crypto-processors and are included in many commercial notebooks and systems. Trusted platform modules are used for:
- Secure storage
- Trusted authentication
- Secure boot
- Storage encryption
- Remote software/system attestation
SwRI has extensive experience integrating TPMs into systems to provide secure authentication and encryption for embedded devices.
Virtualization is an innovative technology that allows one or more virtualized operating systems to execute on a single physical processor. Virtualization is used in industry to increase hardware utilization by consolidating multiple systems onto a single host, thus lowering operating costs. However, there are some risks associated with system consolidation, such as:
- Cross-VM attacks
- Denial-of-service attacks
- Host system compromise
Internal research at SwRI has focused on the mitigation of risks associated with system consolidation and the development of tools to assist in virtual machine partitioning.
A hypervisor is a thin software layer that enables the virtualization of operating systems on a host processor. Research at SwRI focuses on the utilization of the hypervisor as a secure system monitor.
The development of a true root-of-trust solution requires changes in traditional computing architectures. SwRI has funded internal research and development for developing a provably secure computing architecture.
root of trust • cyber security • virtualization • hypervisors • host-based intrusion detection • trusted platform modules • trusted boot • trusted execution technology • policy-based security • MILS