Detecting Software Theft in Embedded Systems: A Side-Channel Approach
- 3 April 2012
- journal article
- research article
- Published by Institute of Electrical and Electronics Engineers (IEEE) in IEEE Transactions on Information Forensics and Security
- Vol. 7 (4), 1144-1154
- https://doi.org/10.1109/tifs.2012.2191964
Abstract
Source code plagiarism has become a serious problem for the industry. Although there exist many software solutions for comparing source codes, they are often not practical in the embedded environment. Today's microcontrollers have frequently implemented a memory read protection that prevents a verifier from reading out the necessary source code. In this paper, we present three verification methods to detect software plagiarism in embedded software without knowing the implemented source code. All three approaches make use of side-channel information that is obtained during the execution of the suspicious code. The first method is passive, i.e., no previous modification of the original code is required. It determines the Hamming weights of the executed instructions of the suspicious device and uses string matching algorithms for comparisons with a reference implementation. In contrast, the second method inserts additional code fragments as a watermark that can be identified in the power consumption of the executed source code. As a third method, we present how this watermark can be extended by using a signature that serves as a proof-of-ownership. We show that particularly the last two approaches are very robust against code-transformation attacks.Keywords
This publication has 11 references indexed in Scilit:
- An Efficient Method for Eliminating Random Delays in Power Traces of Embedded SoftwareLecture Notes in Computer Science, 2012
- Side-channel watermarks for embedded softwarePublished by Institute of Electrical and Electronics Engineers (IEEE) ,2011
- Transverse Magnetic Wave Propagation in a Bundle of Carbon NanotubesAIP Conference Proceedings, 2011
- Side-channel based watermarks for integrated circuitsPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2010
- More on graph theoretic software watermarks: Implementation, analysis, and attacksInformation and Software Technology, 2009
- Algorithms to Watermark Software Through Register AllocationLecture Notes in Computer Science, 2006
- A Survey of Software WatermarkingLecture Notes in Computer Science, 2005
- Dot plots for time series analysisPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2005
- Approximate Boyer–Moore String MatchingSIAM Journal on Computing, 1993
- The Diagram, a Method for Comparing SequencesEuropean Journal of Biochemistry, 1970