{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T04:21:37Z","timestamp":1750306897820,"version":"3.41.0"},"reference-count":25,"publisher":"Association for Computing Machinery (ACM)","issue":"3","license":[{"start":{"date-parts":[[2013,3,10]],"date-time":"2013-03-10T00:00:00Z","timestamp":1362873600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Trans. Embed. Comput. Syst."],"published-print":{"date-parts":[[2013,3,10]]},"abstract":"<jats:p>System security is an increasingly important design criterion for many embedded systems. These systems are often portable and more easily attacked than traditional desktop and server computing systems. Key requirements for system security include defenses against physical attacks and lightweight support in terms of area and power consumption. Our new approach to embedded system security focuses on the protection of application loading and secure application execution. During secure application loading, an encrypted application is transferred from on-board flash memory to external double data rate synchronous dynamic random access memory (DDR-SDRAM) via a microprocessor. Following application loading, the core-based security technique provides both confidentiality and authentication for data stored in a microprocessor's system memory. The benefits of our low overhead memory protection approaches are demonstrated using four applications implemented in a field-programmable gate array (FPGA) in an embedded system prototyping platform. Each application requires a collection of tasks with varying memory security requirements. The configurable security core implemented on-chip inside the FPGA with the microprocessor allows for different memory security policies for different application tasks. An average memory saving of 63% is achieved for the four applications versus a uniform security approach. The lightweight circuitry included to support application loading from flash memory adds about 10% FPGA area overhead to the processor-based system and main memory security hardware.<\/jats:p>","DOI":"10.1145\/2442116.2442121","type":"journal-article","created":{"date-parts":[[2013,4,9]],"date-time":"2013-04-09T12:17:58Z","timestamp":1365509878000},"page":"1-23","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":11,"title":["Configurable memory security in embedded systems"],"prefix":"10.1145","volume":"12","author":[{"given":"J\u00e9r\u00e9mie","family":"Crenne","sequence":"first","affiliation":[{"name":"Universit\u00e9 Europ\u00e9enne de Bretagne, France"}]},{"given":"Romain","family":"Vaslin","sequence":"additional","affiliation":[{"name":"Universit\u00e9 Europ\u00e9enne de Bretagne, France"}]},{"given":"Guy","family":"Gogniat","sequence":"additional","affiliation":[{"name":"Universit\u00e9 Europ\u00e9enne de Bretagne, France"}]},{"given":"Jean-Philippe","family":"Diguet","sequence":"additional","affiliation":[{"name":"Universit\u00e9 Europ\u00e9enne de Bretagne, France"}]},{"given":"Russell","family":"Tessier","sequence":"additional","affiliation":[{"name":"University of Massachusetts, Amherst, MA"}]},{"given":"Deepak","family":"Unnikrishnan","sequence":"additional","affiliation":[{"name":"University of Massachusetts, Amherst, MA"}]}],"member":"320","published-online":{"date-parts":[[2013,4,8]]},"reference":[{"volume-title":"FPGA Design Security Solution Using a Secure Memory Device Reference Design","author":"Altera Corporation 2008.","key":"e_1_2_1_1_1","unstructured":"Altera Corporation 2008. FPGA Design Security Solution Using a Secure Memory Device Reference Design . Altera Corporation . Altera Corporation 2008. FPGA Design Security Solution Using a Secure Memory Device Reference Design. Altera Corporation."},{"key":"e_1_2_1_2_1","unstructured":"Alves T. and Felton D. 2004. TrustZone: Integrated Hardware and Software Security. ARM White Paper.  Alves T. and Felton D. 2004. TrustZone: Integrated Hardware and Software Security. ARM White Paper."},{"volume-title":"Security Engineering","author":"Anderson R.","key":"e_1_2_1_3_1","unstructured":"Anderson , R. 2001. Security Engineering . John Wiley & Sons, Inc. , New York, NY . Anderson, R. 2001. Security Engineering. John Wiley & Sons, Inc., New York, NY."},{"volume-title":"Proceedings of the IEEE Symposium on Security and Privacy. 65--71","author":"Arbaugh W.","key":"e_1_2_1_4_1","unstructured":"Arbaugh , W. , Farber , D. , and Smith , J . 1997. A secure and reliable bootstrap architecture . In Proceedings of the IEEE Symposium on Security and Privacy. 65--71 . Arbaugh, W., Farber, D., and Smith, J. 1997. A secure and reliable bootstrap architecture. In Proceedings of the IEEE Symposium on Security and Privacy. 65--71."},{"volume-title":"Proceedings of the International Conference on Field-Programmable Logic and Applications. 317--322","author":"Badrignans B.","key":"e_1_2_1_5_1","unstructured":"Badrignans , B. , Elbaz , R. , and Torres , L . 2008. Secure FPGA configuration architecture preventing system downgrade . In Proceedings of the International Conference on Field-Programmable Logic and Applications. 317--322 . Badrignans, B., Elbaz, R., and Torres, L. 2008. Secure FPGA configuration architecture preventing system downgrade. In Proceedings of the International Conference on Field-Programmable Logic and Applications. 317--322."},{"key":"e_1_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICYCS.2008.535"},{"key":"e_1_2_1_7_1","doi-asserted-by":"crossref","unstructured":"Dougherty E. R. and Lotufo R. A. 2003. Hands-on Morphological Image Processing. SPIE Press New York NY.  Dougherty E. R. and Lotufo R. A. 2003. Hands-on Morphological Image Processing. SPIE Press New York NY.","DOI":"10.1117\/3.501104"},{"key":"e_1_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1145\/1661438.1661441"},{"key":"e_1_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1145\/1146909.1147042"},{"volume-title":"Proceedings of the International Symposium on High Performance Computer Architecture. 295--306","author":"Gassend B.","key":"e_1_2_1_10_1","unstructured":"Gassend , B. , Suh , G. E. , Clarke , D. , van Dijk , M. , and Devadas , S . 2003. Caches and Merkle trees for efficient memory integrity verification . In Proceedings of the International Symposium on High Performance Computer Architecture. 295--306 . Gassend, B., Suh, G. E., Clarke, D., van Dijk, M., and Devadas, S. 2003. Caches and Merkle trees for efficient memory integrity verification. In Proceedings of the International Symposium on High Performance Computer Architecture. 295--306."},{"key":"e_1_2_1_11_1","unstructured":"Heath C. and Klimov A. 2006. A foundation for secure mobile DRM embedded security. Wireless Design Magazine 32--34.  Heath C. and Klimov A. 2006. A foundation for secure mobile DRM embedded security. Wireless Design Magazine 32--34."},{"volume-title":"The Real-Time Kernel","author":"LaBrosse J.","key":"e_1_2_1_12_1","unstructured":"LaBrosse , J. 2002. Micro C\/ OS-II : The Real-Time Kernel . CMP Books , San Francisco, CA . LaBrosse, J. 2002. MicroC\/OS-II: The Real-Time Kernel. CMP Books, San Francisco, CA."},{"key":"e_1_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/1450135.1450144"},{"key":"e_1_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/945445.945463"},{"key":"e_1_2_1_15_1","unstructured":"McGrew D. and Viega J. 2004. The Galois\/Counter Mode of Operation (GCM). Submission to NIST Modes of Operation Process.  McGrew D. and Viega J. 2004. The Galois\/Counter Mode of Operation (GCM). Submission to NIST Modes of Operation Process."},{"volume-title":"Recommendation for Block Cipher Modes of Operation: Galois\/Counter Mode (GCM) and (GMAC)","author":"National Institute of Standards and Technology 2007.","key":"e_1_2_1_16_1","unstructured":"National Institute of Standards and Technology 2007. Recommendation for Block Cipher Modes of Operation: Galois\/Counter Mode (GCM) and (GMAC) . National Institute of Standards and Technology . Special publication 800-38D. National Institute of Standards and Technology 2007. Recommendation for Block Cipher Modes of Operation: Galois\/Counter Mode (GCM) and (GMAC). National Institute of Standards and Technology. Special publication 800-38D."},{"volume-title":"Proceedings of the Symposium on VLSI Circuits. 213--216","author":"Pasotti M.","key":"e_1_2_1_17_1","unstructured":"Pasotti , M. , Sandre , G. D. , Iezzi , D. , Lena , D. , Muzzi , G. , Poles , M. , and Rolandi , P. L . 2003. An application specific embeddable flash memory system for non-volatile storage of code, data and bit-streams for embedded FPGA configurations . In Proceedings of the Symposium on VLSI Circuits. 213--216 . Pasotti, M., Sandre, G. D., Iezzi, D., Lena, D., Muzzi, G., Poles, M., and Rolandi, P. L. 2003. An application specific embeddable flash memory system for non-volatile storage of code, data and bit-streams for embedded FPGA configurations. In Proceedings of the Symposium on VLSI Circuits. 213--216."},{"volume-title":"Proceedings of the IEEE\/ACM International Symposium on Microarchitecture. 339--350","author":"Suh G. E.","key":"e_1_2_1_18_1","unstructured":"Suh , G. E. , Clarke , D. , Gassend , B. , van Dijk , M. , and Devadas , S . 2003. Efficient memory integrity verification and encryption for secure processors . In Proceedings of the IEEE\/ACM International Symposium on Microarchitecture. 339--350 . Suh, G. E., Clarke, D., Gassend, B., van Dijk, M., and Devadas, S. 2003. Efficient memory integrity verification and encryption for secure processors. In Proceedings of the IEEE\/ACM International Symposium on Microarchitecture. 339--350."},{"key":"e_1_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1109\/ISCA.2005.22"},{"volume-title":"Proceedings of the IEEE Conference on Field Programmable Technology. 153--160","author":"Vaslin R.","key":"e_1_2_1_20_1","unstructured":"Vaslin , R. , Gogniat , G. , Diguet , J.-P. , Tessier , R. , Unnikrishnan , D. , and Gaj , K . 2008. Memory security management for reconfigurable embedded systems . In Proceedings of the IEEE Conference on Field Programmable Technology. 153--160 . Vaslin, R., Gogniat, G., Diguet, J.-P., Tessier, R., Unnikrishnan, D., and Gaj, K. 2008. Memory security management for reconfigurable embedded systems. In Proceedings of the IEEE Conference on Field Programmable Technology. 153--160."},{"volume-title":"Lock Your Designs with the Virtex-4 Security Solution","author":"Xilinx Corporation 2005.","key":"e_1_2_1_21_1","unstructured":"Xilinx Corporation 2005. Lock Your Designs with the Virtex-4 Security Solution . Xilinx Corporation . Xilinx Corporation 2005. Lock Your Designs with the Virtex-4 Security Solution. Xilinx Corporation."},{"volume-title":"Microblaze Processor Reference Guide","author":"Xilinx Corporation 2009.","key":"e_1_2_1_22_1","unstructured":"Xilinx Corporation 2009. Microblaze Processor Reference Guide . Xilinx Corporation . Xilinx Corporation 2009. Microblaze Processor Reference Guide. Xilinx Corporation."},{"volume-title":"Spartan-6 Family Overview","author":"Xilinx Corporation - DS160 2010.","key":"e_1_2_1_23_1","unstructured":"Xilinx Corporation - DS160 2010. Spartan-6 Family Overview . Xilinx Corporation - DS 160. Xilinx Corporation - DS160 2010. Spartan-6 Family Overview. Xilinx Corporation - DS160."},{"volume-title":"SP605 Hardware User Guide","author":"Xilinx Corporation - UG526 2010.","key":"e_1_2_1_24_1","unstructured":"Xilinx Corporation - UG526 2010. SP605 Hardware User Guide . Xilinx Corporation - UG 526. Xilinx Corporation - UG526 2010. SP605 Hardware User Guide. Xilinx Corporation - UG526."},{"key":"e_1_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1109\/ISCA.2006.22"}],"container-title":["ACM Transactions on Embedded Computing Systems"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2442116.2442121","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2442116.2442121","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T08:19:06Z","timestamp":1750234746000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2442116.2442121"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2013,3,10]]},"references-count":25,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2013,3,10]]}},"alternative-id":["10.1145\/2442116.2442121"],"URL":"https:\/\/doi.org\/10.1145\/2442116.2442121","relation":{},"ISSN":["1539-9087","1558-3465"],"issn-type":[{"type":"print","value":"1539-9087"},{"type":"electronic","value":"1558-3465"}],"subject":[],"published":{"date-parts":[[2013,3,10]]},"assertion":[{"value":"2010-11-01","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2011-09-01","order":1,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2013-04-08","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}