Software-Hardware Binding for Protection of Sensitive Data in Embedded Software

Bernhard Fischer, Daniel Dorfmeister, Flavio Ferrarotti, Manuel Penz, Michael Benjamin Kargl, Martina Zeinzinger, Florian Eibensteiner

Publikation: KonferenzbeitragPapierBegutachtung

Abstract

Embedded software used in industrial systems frequently relies on data that ensures the correct and efficient operation of these systems.
Thus, companies invest considerable resources in fine-tuning this data, making it their valuable intellectual property (IP).
We present a novel protection mechanism for this IP that combines fingerprints extracted from hardware with Boolean logic.
Unlike usual copy protection approaches, illegal copies of the software still run on cloned devices, but suboptimally.
According to our security evaluation, only a complex dynamic analysis of the protected software running on the genuine target device can reveal the secret data.
This makes the protection offered by our method more difficult to bypass.
Notably, our approach does not require additional hardware, relying only on relatively simple updates to the software.
We evaluate our protection mechanism by binding the parameters of a PID controller to a microcontroller unit (MCU) by using a physically unclonable function (PUF) based on its SRAM.
OriginalspracheEnglisch
PublikationsstatusAngenommen/Im Druck - 2025
Veranstaltung40th ACM/SIGAPP Symposium On Applied Computing - Catania International Airport Hotel, Catania, Sicily, Italien
Dauer: 31 März 20254 Apr. 2025
https://www.sigapp.org/sac/sac2025/

Konferenz

Konferenz40th ACM/SIGAPP Symposium On Applied Computing
KurztitelSAC 2025
Land/GebietItalien
OrtCatania, Sicily
Zeitraum31.03.202504.04.2025
Internetadresse

Fingerprint

Untersuchen Sie die Forschungsthemen von „Software-Hardware Binding for Protection of Sensitive Data in Embedded Software“. Zusammen bilden sie einen einzigartigen Fingerprint.

Zitieren