SYSTEMS, METHODS, AND APPARATUS TO ENHANCE THE INTEGRITY ASSESSMENT WHEN USING POWER FINGERPRINTING SYSTEMS FOR COMPUTER-BASED SYSTEMS
First Claim
1. A method, comprising:
- receiving, at a first module, side-channel information of a first target component of a system, the first module being collocated with the first target component, the side-channel information of the first target component being associated with the plurality of authorized execution statuses of the first target component and an execution status of the first target component;
obtaining a power fingerprint for the first target component based on the side-channel information for the first target component, the power fingerprint for the first target component representing a plurality of authorized execution statuses of the first target component;
receiving, at a second module, side-channel information of a second target component of the system, the second module being collocated with the second target component, the side-channel information of the second target component being associated with the plurality of authorized execution statuses of the second target component and an execution status of the second target component;
obtaining a power fingerprint for the second target component based on the side-channel information for the second target component, the power fingerprint for the second target component representing a plurality of execution statuses of the second target component; and
sending, from a processor module, a reporting signal based on at least one of (1) the power fingerprint for the first target component and an execution status of the first target component, or (2) the power fingerprint for the second target component and an execution status of the second target component, the reporting signal associated with at least one of the execution status of the first target component or the execution status of the second target component.
1 Assignment
0 Petitions
Accused Products
Abstract
A power fingerprinting system is adopted for assessing integrity of a target computer-based system. In one implementation, the power fingerprinting system may receive, at a first module, side-channel information of a first target component of a system, the first module being collocated with the first target component; obtain a power fingerprint for the first target component based on the side-channel information for the first target component, the power fingerprint for the first target component representing a plurality of execution statuses of the first target component; receive, at a second module, side-channel information of a second target component of the system, the second module being collocated with the second target component, the power fingerprint for the second target component representing a plurality of execution statuses of the second target component; and obtain a power fingerprint for the second target component based on the side-channel information for the second target component.
76 Citations
20 Claims
-
1. A method, comprising:
-
receiving, at a first module, side-channel information of a first target component of a system, the first module being collocated with the first target component, the side-channel information of the first target component being associated with the plurality of authorized execution statuses of the first target component and an execution status of the first target component; obtaining a power fingerprint for the first target component based on the side-channel information for the first target component, the power fingerprint for the first target component representing a plurality of authorized execution statuses of the first target component; receiving, at a second module, side-channel information of a second target component of the system, the second module being collocated with the second target component, the side-channel information of the second target component being associated with the plurality of authorized execution statuses of the second target component and an execution status of the second target component; obtaining a power fingerprint for the second target component based on the side-channel information for the second target component, the power fingerprint for the second target component representing a plurality of execution statuses of the second target component; and sending, from a processor module, a reporting signal based on at least one of (1) the power fingerprint for the first target component and an execution status of the first target component, or (2) the power fingerprint for the second target component and an execution status of the second target component, the reporting signal associated with at least one of the execution status of the first target component or the execution status of the second target component. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A method, comprising:
-
sending a predefined input to an untrusted electronic device, the predefined input being defined based on a functionality of the untrusted electronic device; receiving side-channel information of the untrusted electronic device in response to the predefined input; obtaining a power fingerprint for the untrusted electronic device based on the side-channel information; and assessing an integrity of the untrusted electronic device based on the power fingerprint. - View Dependent Claims (10, 11, 12, 13, 14, 15)
-
-
16. An apparatus, comprising:
-
a power fingerprint monitor module configured to receive a signal representing an unauthorized access of a device; and a response analysis module operatively coupled to the power fingerprint monitor module, the response analysis module configured to select a response module from a plurality of response modules in response to detection of the unauthorized access, a first response module from the plurality of response modules configured to collect information associated with the device during the unauthorized access, a second response module from the plurality of response modules configured to prevent access to the device in response to the unauthorized access, a third response module from the plurality of response modules configured to disable at least a portion of the device subjected to the unauthorized access. - View Dependent Claims (17, 18, 19, 20)
-
Specification