The confidentiality and authenticity of data are of utmost importance. The mass deployment of easily accessible embedded devices to control critical infrastructure systems, and the use of embedded systems in other sensitive applications, illustrate the need to protect the data processed by these systems. Many existing systems use one or more integrated circuit devices/chips to collect and distribute data to other devices within the embedded system through circuit board communication buses. These communication buses may be easily accessible on the circuit board, and their data easily acquired with an unauthorized oscilloscope or other bus monitoring devices, which are sometimes termed “sniffers” or “probing threats”. Many existing low-level cyber security proposals use mechanisms that depend solely on encryption algorithms, attempting to balance embedded system performance with security. Unfortunately, the encrypted data is still accessible by unauthorized oscilloscope acquisition, and data access patterns might be correlated to system behavior to leak information. Alternatively, depending on the encryption mechanism used, the data can be recovered by a brute force method on a highly parallel computer system. Furthermore, the authenticity of a sending device/chip is rarely verified by hardware.
To combat unauthorized oscilloscope access, some systems implement more complicated encryption and decryption schemes or use certificates. However, these schemes may add an unacceptable amount of overhead to inter-chip communication latencies, still leave the hardware susceptible to potential attacks that breach confidentiality, and still do not address the authenticity issues.