18 lines
1.6 KiB
TeX
18 lines
1.6 KiB
TeX
\chapter{Conclusion}
|
|
The problem of leveraging power side-channel analysis to defend embedded systems presents unique capabilities.
|
|
Contrary to current common \glspl{ids} techniques, physics-based security is not built on purpose-made actionable data.
|
|
The very nature of the input information sets this technique aside.
|
|
Power consumption is closely related to instruction execution and makes it a good proxy variable for machine activity.
|
|
Moreover, power is easy and cheap to measure reliably at a high sampling rate, enabling analysis of any machine consuming electricity.
|
|
Finally, a sequence of instructions is generally related to a unique power consumption pattern.
|
|
This \textit{one-to-one} relationship allows us to consider the power consumption as a signature for software of machine activity.
|
|
However, power consumption is not an actionable information.
|
|
Little can be extracted from the raw time series format about the machine's activity or integrity.
|
|
To enable further analysis, a set of algorithms is required for both runtime online analysis and offline monitoring of specific activity.
|
|
The full range of capabilities remains to be discovered.
|
|
Successful runtime monitoring enables the detection of activity policy violations, anomalous activity detection, machine failure detection or distributed attacks.
|
|
On the other hand, pre-OS monitoring enables the detection of boot process violation at a level where common \glspl{ids} are not enabled yet.
|
|
These are just some of the possible applications of this technology, with many more to be discovered.
|
|
|
|
This proposal presents some problems to study that enable the development of physics-based security.
|
|
|