Systems, methods, and apparatus to enhance the integrity assessment when using power fingerprinting systems for computer-based systems

US 9,430,644 B2
Filed: 07/10/2015
Issued: 08/30/2016
Est. Priority Date: 03/15/2013
Status: Active Grant

First Claim

Patent Images

1. A method, comprising:

receiving, at a first module, side-channel information of a first target component of a system, the first module being collocated with the first target component, the side-channel information of the first target component being associated with a plurality of authorized execution statuses of the first target component and an execution status of the first target component;

obtaining a power fingerprint for the first target component based on the side-channel information for the first target component, the power fingerprint for the first target component representing the plurality of authorized execution statuses of the first target component;

receiving, at a second module, side-channel information of a second target component of the system, the second module being collocated with the second target component, the side-channel information of the second target component being associated with a plurality of authorized execution statuses of the second target component and an execution status of the second target component;

obtaining a power fingerprint for the second target component based on the side-channel information for the second target component, the power fingerprint for the second target component representing the plurality of execution statuses of the second target component; and

sending, from a processor physically separate from the first target component and the second target component, a reporting signal based on at least one of (1) the power fingerprint for the first target component and an execution status of the first target component, or (2) the power fingerprint for the second target component and an execution status of the second target component, the reporting signal associated with at least one of the execution status of the first target component or the execution status of the second target component.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A power fingerprinting system is adopted for assessing integrity of a target computer-based system. In one implementation, the power fingerprinting system may receive, at a first module, side-channel information of a first target component of a system, the first module being collocated with the first target component; obtain a power fingerprint for the first target component based on the side-channel information for the first target component, the power fingerprint for the first target component representing a plurality of execution statuses of the first target component; receive, at a second module, side-channel information of a second target component of the system, the second module being collocated with the second target component, the power fingerprint for the second target component representing a plurality of execution statuses of the second target component; and obtain a power fingerprint for the second target component based on the side-channel information for the second target component.

45 Citations

View as Search Results

17 Claims

1. A method, comprising:
- receiving, at a first module, side-channel information of a first target component of a system, the first module being collocated with the first target component, the side-channel information of the first target component being associated with a plurality of authorized execution statuses of the first target component and an execution status of the first target component;
  
  obtaining a power fingerprint for the first target component based on the side-channel information for the first target component, the power fingerprint for the first target component representing the plurality of authorized execution statuses of the first target component;
  
  receiving, at a second module, side-channel information of a second target component of the system, the second module being collocated with the second target component, the side-channel information of the second target component being associated with a plurality of authorized execution statuses of the second target component and an execution status of the second target component;
  
  obtaining a power fingerprint for the second target component based on the side-channel information for the second target component, the power fingerprint for the second target component representing the plurality of execution statuses of the second target component; and
  
  sending, from a processor physically separate from the first target component and the second target component, a reporting signal based on at least one of (1) the power fingerprint for the first target component and an execution status of the first target component, or (2) the power fingerprint for the second target component and an execution status of the second target component, the reporting signal associated with at least one of the execution status of the first target component or the execution status of the second target component.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein:
    - the power fingerprint for the first target component is obtained by the first module;
      
      the power fingerprint for the second target component is obtained by the second module;
      
      the method further comprising;
      
      receiving, at the processor from the first module, a signal representing the power fingerprint for the first target component; and
      
      receiving, at the processor from the second module, a signal representing the power fingerprint for the second target component.
  - 3. The method of claim 1, further comprising:
    - receiving, at the processor from the first module, a signal representing the side-channel information of the first target component; and
      
      receiving, at the processor from the second module, a signal representing the side-channel information of the second target component,the power fingerprint for the first target component is obtained by the processor,the power fingerprint for the second target component is obtained by the processor.
  - 4. The method of claim 1, wherein the reporting signal represents at least one of an integrity assessment, a malicious intrusion detection, an unauthorized modification detection or a tampering detection, for at least one of the first target component or the second target component.
  - 5. The method of claim 1, wherein the first target component and the second target component are included within at least one of (1) an Industrial Control System (ICS), (2) a Supervisory, Control and Data Acquisition (SCADA) system, or (3) an embedded computer platform.
  - 6. The method of claim 1, wherein the processor is configured to be operatively coupled to the first module and the second module through at least one network.
  - 7. The method of claim 1, wherein the obtaining the power fingerprint for the first target component, the obtaining the power fingerprint for the second target component, and the sending the reporting signal are repeated.

8. An apparatus, comprising:
- a first preprocessor configured to be collocated with a first target component of a system, the first preprocessor receiving side-channel information of a first target component of a system when the first preprocessor and the first target component are operational, the side-channel information of the first target component being associated with a plurality of authorized execution statuses of the first target component and an execution status of the first target component;
  
  a second preprocessor configured to collocated with a second target component of the system, the second preprocessor receiving side-channel information of the second target component when the second preprocessor and the second target component are operational, the side-channel information of the second target component being associated with a plurality of authorized execution statuses of the second target component and an execution status of the second target component; and
  
  a processor physically separate from the first target component and the second target component, the processor operatively coupled the first preprocessor and the second preprocessor, the processor sending, when operational, a reporting signal based on at least one of (1) a power fingerprint for the first target component and an execution status of the first target component, or (2) a power fingerprint for the second target component and an execution status of the second target component,the power fingerprint for the first target component being based on the side-channel information for the first target component and representing the plurality of authorized execution statuses of the first target component, the power fingerprint for the second target component being based on the side-channel information for the second target component and representing the plurality of execution statuses of the second target component.
- View Dependent Claims (9, 10, 11, 12, 13)
- - 9. The apparatus of claim 8, wherein:
    - the processor receives, from the first preprocessor, a signal representing the power fingerprint for the first target component when the processor and the first preprocessor are operative; and
      
      the processor receives, from the second preprocessor, a signal representing the power fingerprint for the second target component when the processor and the second preprocessor are operative.
  - 10. The apparatus of claim 8, wherein:
    - the processor receives, from the first preprocessor, a signal representing the side-channel information of the first target component when the processor and the first preprocessor are operative,the processor obtaining the power fingerprint for the first target component when the processor is operative;
      
      the processor receives from the second preprocessor, a signal representing the side-channel information of the second target component when the processor and the second preprocessor are operative,the processor obtaining the power fingerprint for the second target component when the processor is operative.
  - 11. The apparatus of claim 8, wherein the reporting signal represents at least one of an integrity assessment, a malicious intrusion detection, an unauthorized modification detection or a tampering detection, for at least one of the first target component or the second target component.
  - 12. The apparatus of claim 8, wherein the first target component and the second target component are included within at least one of (1) an Industrial Control System (ICS), (2) a Supervisory, Control and Data Acquisition (SCADA) system, or (3) an embedded computer platform.
  - 13. The apparatus of claim 8, wherein the processor is configured to be operatively coupled to the first preprocessor and the second preprocessor through at least one network.

14. A method, comprising:
- obtaining a power fingerprint for a first target component of a system based on a side-channel information for the first target component, the power fingerprint for the first target component representing a plurality of authorized execution statuses of the first target component, the side-channel information of the first target component being received from a first preprocessor collated with the first target component and being associated with a plurality of authorized execution statuses of the first target component and an execution status of the first target component;
  
  obtaining a power fingerprint for a second target component of the system based on the side-channel information for the second target component, the power fingerprint for the second target component representing a plurality of execution statuses of the second target component, the side-channel information of the second target component being received from a second preprocessor collated with the second target component and being associated with a plurality of authorized execution statuses of the second target component and an execution status of the second target component; and
  
  sending, by a processor physically separate from the first target component and the second target component, a reporting signal based on at least one of (1) the power fingerprint for the first target component and an execution status of the first target component, or (2) the power fingerprint for the second target component and an execution status of the second target component.
- View Dependent Claims (15, 16, 17)
- - 15. The method of claim 14, wherein:
    - the obtaining the power fingerprint for the first target component is performed by the first preprocessor;
      
      the obtaining the power fingerprint for the second target component is performed by the second preprocessor;
      
      the method further comprising;
      
      receiving, at the processor from the first preprocessor, a signal representing the power fingerprint for the first target component; and
      
      receiving, at the processor from the second preprocessor, a signal representing the power fingerprint for the second target component.
  - 16. The method of claim 14, wherein:
    - the obtaining the power fingerprint for the first target component is performed by the first preprocessor;
      
      the obtaining the power fingerprint for the second target component is performed by second preprocessor,the method further comprising;
      
      receiving, at the processor from the first preprocessor, a signal representing the side-channel information of the first target component; and
      
      receiving, at the processor from the second preprocessor, a signal representing the side-channel information of the second target component.
  - 17. The method of claim 14, wherein the reporting signal represents at least one of an integrity assessment, a malicious intrusion detection, an unauthorized modification detection or a tampering detection, for at least one of the first target component or the second target component.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Power Fingerprinting Inc.
Original Assignee
Power Fingerprinting Inc.
Inventors
Aguayo Gonzalez, Carlos R., Reed, Jeffrey H., Chen, Steven C.
Primary Examiner(s)
PYZOCHA, MICHAEL J

Application Number

US14/796,623
Publication Number

US 20150317475A1
Time in Patent Office

417 Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 21/55   Detecting local intrusion o...

G06F 21/554   involving event detection a...

G06F 21/577   Assessing vulnerabilities a...

G06F 21/755   with measures against power...

G06F 2221/034   Test or assess a computer o...

Systems, methods, and apparatus to enhance the integrity assessment when using power fingerprinting systems for computer-based systems

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

45 Citations

17 Claims

Specification

Use Cases

Quick Links

Others

Systems, methods, and apparatus to enhance the integrity assessment when using power fingerprinting systems for computer-based systems

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

45 Citations

17 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others