Security Driven Design Space Exploration for Embedded Systems

Lukas Gressl, C. Steger, U. Neffe

Published in: 2019 Forum for Specification and Design Languages (FDL), 2019-09-01
DOI: 10.1109/FDL.2019.8876944 (https://doi.org/10.1109/FDL.2019.8876944)
Citations: 6

Abstract

With the advent of the Internet of Things (IoT) and Cyber Physical Systems (CPS), embedded devices have been gaining importance in our daily lives, as well as industrial processes. Independent of their usage, be it within an IoT system or a CPS, embedded devices are always an attractive target for security attacks, largely due to their continuous network availability and the importance of the data they handle. Thus, the design of such systems requires a thorough consideration of the various security constraints they are liable to. Introducing these security constraints, next to other requirements (e.g. power consumption, performance, etc.), increases the number of design choices that must be taken. As the various constraints are often conflicting with each other, designers are faced with the complex task of balancing them. To support a system designer in this job, Design Space Exploration (DSE) tools can be facilitated. However, available DSE tools only offer a limited way of considering security constraints during the design process. In this paper we introduce a novel DSE framework, which allows the consideration of security constraints, in the form of attack scenarios, and attack mitigations, in the form of security tasks. Based on the descriptions of the system’s functionality and architecture, possible attacks, and known mitigation techniques, the framework finds the optimal design for a secure IoT device or CPS. Our framework’s functionality and its benefits are shown based on the design of a secure sensor system.