24-01-2013, 12:18 PM
Detecting Software Theft in Embedded Systems: A Side-Channel Approach
1Detecting Software.pdf (Size: 1.45 MB / Downloads: 31)
Abstract
Source code plagiarismhas become a serious problem
for the industry. Although there exist many software solutions
for comparing source codes, they are often not practical in the
embedded environment. Today’s microcontrollers have frequently
implemented a memory read protection that prevents a verifier
from reading out the necessary source code. In this paper, we
present three verification methods to detect software plagiarism
in embedded software without knowing the implemented source
code. All three approaches make use of side-channel information
that is obtained during the execution of the suspicious code.
The first method is passive, i.e., no previous modification of the
original code is required. It determines the Hamming weights
of the executed instructions of the suspicious device and uses
string matching algorithms for comparisons with a reference
implementation. In contrast, the second method inserts additional
code fragments as a watermark that can be identified in the power
consumption of the executed source code. As a third method, we
present how this watermark can be extended by using a signature
that serves as a proof-of-ownership.We show that particularly the
last two approaches are very robust against code-transformation
attacks.
INTRODUCTION
SOFTWARE plagiarism and piracy is a serious problem
which is estimated to cost the software industry billions
of dollars per year [6]. Software piracy for desktop computers
has gained most of the attention in the past. However, software
plagiarism and software piracy are also huge problems for
companies working with embedded systems. In this paper, we
focus on the unique challenge to detect software plagiarism
and piracy in embedded systems. If a designer suspects that his
code has been used in an embedded system, it is quite complicated
for her to determine whether or not her suspicion is true.
Detection
The Hamming weight strings can now be used to indicate
software plagiarism. The idea can be summarized in three steps:
First, the execution flow of the original software is mapped to
a sting of Hamming weights. This is realized either by measuring
and evaluating the power consumption of the execution
as stated above or by simulating the execution flow and calculating
the Hamming weights from the opcodes.
Implementation
To show the feasibility of our approach, we implemented a
side-channel watermark on the ATmega8 microcontroller. As
mentioned, the watermark consists of a combination function
and a leakage generator. In our case, the input to the combination
function is a 16-bit internal state and a 16-bit watermark
constant. The combination function computes a one-bit output
which is leaked out using a leakage generator. There are many
ways to implement a combination function and the combination
function introduced in this paper should only be seen as
an example. In our implementation, we chose a very small and
compact combination function that only consists of four assembler
instructions. The 16-bit input to the combination function is
separated into two byte values and . In the first step,
and are each subtracted from the one-byte watermark constants,
and . In the next step, the two one-byte results of
these subtractions are multiplied with each other.
Watermark Verification
To detect the watermark, we use a correlation power analysis
(CPA). The main idea of a correlation power analysis is
to exploit the fact that the power consumption of a device depends
on the executed algorithm as well as on the processed
data. However, this data-dependent power consumption might
be too small to be observed with a simple power analysis as it
has been used in Section II. Therefore, many traces are measured
in a CPA and then statistical methods are used to extract
the wanted information. In a classical CPA setting, the goal is
to retrieve a secret key.
PROOF-OF-OWNERSHIP
The watermark discussed in the previous section only transmits
one bit of information: either the watermark is present or
not. This is very helpful to detect whether or not your code
was used in an embedded system. However, it is not possible
for the verifier to prove towards a third party that he is the legitimate
owner of the watermark. This is due to the fact that
the watermark itself does not contain any information about the
party who inserted the watermark. Therefore, everyone could
claim to be the owner of the watermark once he detects a watermark
in a system. We call the goal to be able to prove towards
a third party that you are the legitimate owner of the watermark
proof-of-ownership. In this section, we will show how
we can expand the watermark idea from Section III to also provide
proof-of-ownership.
CONCLUSION
In this work, we introduced three very efficient and cost-effective
ways to detect software plagiarism and piracy in embedded
systems. The biggest advantage of these methods are
that they do not require access to the suspicious program code.
This property is very useful for embedded systems as the access
to the program code is usually restricted by program memory
protection mechanisms. Hence, our methods enable a verifier to
efficiently test many embedded systems towards software plagiarism
by simply measuring the power consumption of the devices
under test. In our first approach, we achieve this by deriving
the Hamming weight of the running opcode from the
taken power measurements. This can be done without the need
to modify the program code, i.e., no watermark needs to be
inserted. The Hamming weight method can detect one-to-one
copies of software code very easily.We also showed that this detection
mechanism can still be successful if the attacker makes
some changes to the program code.