diff --git a/BPV/qrs/main.typ b/BPV/qrs/main.typ index 7eac728..207ed62 100644 --- a/BPV/qrs/main.typ +++ b/BPV/qrs/main.typ @@ -1,32 +1,6 @@ #import "utils.typ": * #import "tablex.typ": tablex, hlinex, vlinex, colspanx, rowspanx -#import "template.typ": * -#show: ieee.with( - title: "Independent Few-shot Firmware Integrity Verification with Side-Channel Power Analysis", - abstract: [ - - ], - authors: ( - ( - name: "Arthur Grisel-Davy*", - department: "Electrical and Computer Engineering", - organization: "University of Waterloo", - location: "Waterloo, Canada", - email: "agriseld@uwaterloo.ca", - ), - ( - name: "Sebastian Fischmeister", - department: "", - organization: "", - location: "", - email: "sfischme@uwaterloo.ca", - ), - ), - index-terms: (), - bibliography-file: "bibli.bib", -) - #let acronyms = ( "BPV": "Boot Process Verifier", "IDS": "Intrusion Detection System", @@ -48,6 +22,20 @@ "BIOS": "Basic Input/Output System" ) +#let reset-acronym(term) = { + // Reset a specific acronym. It will be expanded on next use. + if term in acronyms{ + state("acronym-state-" + term, false).update(false) + } +} + +#let reset-all-acronyms() = { + // Reset all acronyms. They will all be expanded on the next use. + for term in acronyms.keys() { + state("acronym-state-" + term, false).update(false) + } +} + #show ref: r =>{// Overload the reference definition // Grab the term, target of the reference @@ -74,6 +62,45 @@ } } +#import "template.typ": * +#show: ieee.with( + title: "Independent Few-shot Firmware Integrity Verification with Side-Channel Power Analysis", + abstract: [ + Firmware attacks on embedded systems can have disastrous security implications. + Through the firmware update mechanism, an attacker can tamper with the firmware to open known vulnerabilities, change security settings, or deploy custom backdoors, to pave the way for subsequent attacks or gain complete machine control. + Firmware protection solutions often share the flaw of requiring the cooperation of the machine they aim to protect. + If the machine gets compromised, the results from the protection mechanism become untrustworthy. + + One solution to this problem is to leverage an independent source of information to assess the integrity of the firmware and the bootup sequence. + In this paper, we propose a physics-based @IDS called the @BPV that only relies on side-channel power consumption measurement to verify the integrity of the bootup sequence. + The @BPV works in complete independence from the machine to protect and requires only a few nominal training samples to establish a baseline of nominal behaviour. + The range of application of this approach potentially extends to any embedded systems. + We present test cases that illustrate the performances of the @BPV for micro-PC, network equipment (switches and wireless access points), and a drone. + ], + authors: ( + ( + name: "Arthur Grisel-Davy*", + department: "Electrical and Computer Engineering", + organization: "University of Waterloo", + location: "Waterloo, Canada", + email: "agriseld@uwaterloo.ca", + ), + ( + name: "Sebastian Fischmeister", + department: "", + organization: "", + location: "", + email: "sfischme@uwaterloo.ca", + ), + ), + index-terms: (), + bibliography-file: "bibli.bib", +) + + + + + // add spaces around lists and tables #show enum: l =>{v(5pt) l @@ -88,6 +115,7 @@ v(5pt) } +#reset-all-acronyms() = Introduction The firmware of any embedded system is susceptible to attacks. Since firmware provides many security features, it is always of major interest to attackers.