Embedded systems security: Threats, vulnerabilities, and attack taxonomy

2021 ◽

Vol 52 (2) ◽

pp. 25-67

Author(s):

Steffi Haag ◽

Mikko Siponen ◽

Fufan Liu

Keyword(s):

Information Systems ◽

Protection Motivation Theory ◽

Protection Motivation ◽

Security Threats ◽

Motivation Theory ◽

Road Map ◽

Systems Security ◽

Security Research ◽

Is Security ◽

New Research

Protection motivation theory (PMT) is one of the most commonly used theories to examine information security behaviors. Our systematic review of the application of PMT in information systems (IS) security and the comparison with its application for decades in psychology identified five categories of important issues that have not yet been examined in IS security research. Discussing these issues in terms of why they are relevant and important for IS security, and to what extent IS research has not considered them, offers new research opportunities associated with the study of PMT and IS security threats. We suggest how future studies can approach each of the open issues to provide a new road map for quantitative and qualitative IS scholars.

Download Full-text

SAFETY CRITICAL MARITIME INFRASTRUCTURE SYSTEMS RESILIENCE: A CRITICAL REVIEW

The International Journal of Maritime Engineering ◽

10.5750/ijme.v158ia3.990 ◽

2021 ◽

Vol 158 (A3) ◽

Author(s):

A John ◽

T C Nwaoha

Keyword(s):

Dynamic Environment ◽

Risk Governance ◽

Economic Damage ◽

Security Threats ◽

Safety Critical ◽

Systems Security ◽

Maritime Operations ◽

High Level ◽

Operational Processes ◽

Maritime Infrastructure

Safety Critical Maritime Infrastructure (SCMI) systems are vulnerable to diverse risks in their challenging field of operations due to their interactions and interdependence. In addition, the multiplicity of stakeholders in these systems and the complex operational scenarios are often associated with a high level of uncertainty because they usually operate in a dynamic environment in which the boundaries of safety are pushed, leading to the disruption of operations. Therefore, the safety of these systems is very important to ensuring resilience of their operations. This research is focus on the background analysis of SCMI systems. This includes operational processes of SCMI systems, security threats and estimates of economic damage to the system, resilience engineering literature relevant to maritime operations; regulatory overview including risk governance of the systems, lessons learnt from major accidents and a concluding remark is drawn.

Download Full-text

Proceedings of the 9th Workshop on Embedded Systems Security - WESS '14

10.1145/2668322 ◽

2014 ◽

Keyword(s):

Embedded Systems ◽

Systems Security

Download Full-text

Session details: Embedded Systems Security 1

Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security - ASIA CCS '17 ◽

10.1145/3248549 ◽

2017 ◽

Author(s):

Daphne Yao

Keyword(s):

Embedded Systems ◽

Systems Security

Download Full-text

Embedded systems security: An evaluation methodology against Side Channel Attacks

Proceedings of the 2011 Conference on Design & Architectures for Signal & Image Processing (DASIP) ◽

10.1109/dasip.2011.6136885 ◽

2011 ◽

Cited By ~ 2

Author(s):

Youssef Souissi ◽

Jean-Luc Danger ◽

Sylvain Guilley ◽

Sihvam Bhasin ◽

Maxime Nassar

Keyword(s):

Embedded Systems ◽

Evaluation Methodology ◽

Side Channel ◽

Side Channel Attacks ◽

Systems Security

Download Full-text

Leveraging Embedded Systems Security by Hackers Attack Detection

Fifth International Conference on Advances in Computing, Control and Networking - ACCN 2016 ◽

10.15224/978-1-63248-104-7-02 ◽

2016 ◽

Author(s):

ARIEL LUTENBERG ◽

BRUNO C ◽

FABIAN VARGAS ◽

FEDERICO ZACCHIGNA ◽

LETICIA BOLZANI ◽

...

Keyword(s):

Embedded Systems ◽

Attack Detection ◽

Systems Security

Download Full-text

Embedded Systems Security

10.1016/c2010-0-67275-0 ◽

2012 ◽

Keyword(s):

Embedded Systems ◽

Systems Security

Download Full-text

Embedded Systems Security

Cyber Security Standards, Practices and Industrial Applications ◽

10.4018/978-1-60960-851-4.ch010 ◽

2011 ◽

pp. 179-198

Author(s):

Muhammad Farooq-i-Azam ◽

Muhammad Naeem Ayyaz

Keyword(s):

Embedded Systems ◽

General Purpose ◽

Digital Systems ◽

Design And Development ◽

Secure Systems ◽

Software Applications ◽

Design Methodologies ◽

Systems Security ◽

Hardware Implementations ◽

The Way

Not long ago, it was thought that only software applications and general purpose digital systems i.e. computers were prone to various types of attacks against their security. The underlying hardware, hardware implementations of these software applications, embedded systems, and hardware devices were considered to be secure and out of reach of these attacks. However, during the previous few years, it has been demonstrated that novel attacks against the hardware and embedded systems can also be mounted. Not only viruses, but worms and Trojan horses have been developed for them, and they have also been demonstrated to be effective. Whereas a lot of research has already been done in the area of security of general purpose computers and software applications, hardware and embedded systems security is a relatively new and emerging area of research. This chapter provides details of various types of existing attacks against hardware devices and embedded systems, analyzes existing design methodologies for their vulnerability to new types of attacks, and along the way describes solutions and countermeasures against them for the design and development of secure systems.

Download Full-text