Title: Medical Device Security Through Hardware Signatures
Committee:
Dr. Vincent Mooney, ECE, Chair, Advisor
Dr. David Keezer, ECE, Co-Advisor
Dr. Omer Inan, ECE
Dr. Brendan Saltaformaggio, ECE
Dr. Yousef Iskander, Cisco
Dr. Santosh Pande, CS
Abstract:
This dissertation presents techniques based on hardware signatures aiming to detect malicious modifications to both hardware and software of embedded and medical devices. On the hardware side, our novel approach focuses on a run-time method for rapidly detecting Hardware Trojans (i.e., malicious hardware circuitry inserted during the manufacturing process of a digital microchip) by checking for correct functionality of the underlying hardware. An architecture that addresses these threats by splitting the design into a two-chip approach is presented where signatures are generated in the hardware at the very beginning of data harvesting and are then checked during data processing and encryption. In addition, known physiological relationships between medical data are utilized to ensure the integrity of the data that is processed by the hardware. On the software side, we present a novel hardware-assisted run-time code integrity checking technique which aims to detect if executable code resident in memory is modified at run-time by an adversary. Specifically, a hardware monitor is designed and attached to the device’s main memory system. The monitor creates page-based signatures (hashes) of the code running on the system at compile-time and stores them in a secure database. It then checks for the integrity of the code pages at run-time by regenerating the page-based hashes (with data segments zeroed out) and comparing them to the legitimate hashes. The goal is for any modification to the binary of a user-level or kernel-level process that is resident in memory to cause a comparison failure and lead to a kernel interrupt which allows the affected application to halt safely. We were able to check the majority of executable code with the exception of a few page table entries to redirect application code to libraries. 
Our experimental results demonstrate the efficiency and effectiveness of our proposed and implemented techniques in detecting such types of attacks while introducing minimal resource overhead and negligible performance degradation on applications running on an embedded medical device such as a heart rate monitoring application.
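The page-based check described in the abstract can be modeled in software. The sketch below is an added example, not code from the dissertation: SHA-256, the 4096-byte page size, the sample image and all function names are assumptions, and the hardware monitor is replaced by a plain function call.

```python
import hashlib
import hmac

PAGE_SIZE = 4096  # assumed; the abstract does not give a page size

def page_hashes(image, data_ranges=()):
    """SHA-256 (assumed hash) of each page, with data byte ranges zeroed first."""
    buf = bytearray(image)
    for start, end in data_ranges:
        end = min(end, len(buf))
        if start < end:
            buf[start:end] = bytes(end - start)
    if len(buf) % PAGE_SIZE:  # zero-pad a partial final page
        buf.extend(bytes(PAGE_SIZE - len(buf) % PAGE_SIZE))
    return [hashlib.sha256(buf[i:i + PAGE_SIZE]).digest()
            for i in range(0, len(buf), PAGE_SIZE)]

def failed_pages(memory, data_ranges, reference):
    """Indices of pages whose regenerated hash differs from the reference."""
    current = page_hashes(memory, data_ranges)
    bad = [i for i, (cur, ref) in enumerate(zip(current, reference))
           if not hmac.compare_digest(cur, ref)]
    # Pages missing from or added to the image also count as failures.
    bad.extend(range(min(len(current), len(reference)),
                     max(len(current), len(reference))))
    return bad

# Constructed three-page image; bytes 4196..4295 of page 1 are a data segment.
IMAGE = bytes((i * 7 + 3) % 256 for i in range(3 * PAGE_SIZE))
DATA_RANGES = [(PAGE_SIZE + 100, PAGE_SIZE + 200)]
REFERENCE = page_hashes(IMAGE, DATA_RANGES)  # stands in for the secure database

def demo():
    running = bytearray(IMAGE)
    running[PAGE_SIZE + 150] ^= 0xFF      # data write: masked, no alarm
    clean = failed_pages(running, DATA_RANGES, REFERENCE)
    running[2 * PAGE_SIZE + 10] ^= 0x01   # one-bit change to code in page 2
    tampered = failed_pages(running, DATA_RANGES, REFERENCE)
    return clean, tampered

if __name__ == "__main__":
    print(demo())
```

A non-empty result from `failed_pages` corresponds to the comparison failure that, in the described design, raises the kernel interrupt.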