Digital Library[ Search Result ]
Design and Implementation of Security System for Providing Secure Boot and Firmware Update in Low-end IoT Device
Kiyeong Lee, Byoungseon Kim, Jinsung Cho
http://doi.org/10.5626/JOK.2018.45.4.321
Low-end IoT devices are problematic due to the many limitations involved in applying IoT devices to various existing security solutions. This is because most security solutions are targeted at high-performance PC environments. These limitations are causing steadily increasing technical security vulnerabilities and various security threats to IoT devices. In this paper, we propose a secure boot and firmware update system that can be applied in a constrained environment. At the secure boot, the proposed system verifies the integrity of the firmware of the device. The secure firmware update performs reliability verification of the subject attempting to update. Finally, we analyze the security performance of the proposed system by simulating various threats that may occur in low-end IoT devices.
Multi-core Scalable Real-time Flash Storage Simulation
Hyeon-gyu Lee, Sang Lyul Min, Kanghee Kim
http://doi.org/10.5626/JOK.2017.44.6.566
As NAND flash storage is being widely used, its simulation methodologies have been studied in various aspects such as performance, reliability, and endurance. As a result, there have been advances in NAND flash storage simulation for both functional modeling and timing modeling. However, in addition to these advances, there is a need to drastically reduce the long simulation time that is required to evaluate the aging effect on flash storage. This paper proposes a so-called multi-core scalable real-time flash storage simulation method, which can control the simulation speed according to the user’s preference. According to this method, it is possible to speed up the simulation in proportion to the number of CPU cores arbitrarily given while guaranteeing the correctness of the simulation result. Using our simulator implemented in the form of the Linux kernel module, we demonstrate the multi-core scalability and correctness of the proposed method.
An Effective Technique for Detecting Vulnerabilities in Android Device Drivers
Android- and Linux-based embedded systems require device drivers, which are structured and built in kernel functions. However, device driver software (firmware) provided by various 3rd parties is not usually checked in terms of their security requirements but is simply included in the final products, that is, Android-based smart phones. In addition, static analysis, which is generally used to detect vulnerabilities, may result in extra cost to detect critical security issues such as privilege escalation due to its large proportion of false positive results. In this paper, we propose and evaluate an effective technique to detect vulnerabilities in Android device drivers using both static and dynamic analyses.
Finger-Touch based Hangul Input Interface for Usability Enhancement among Visually Impaired Individuals
Seung-Shik Kang, Yoon-Seung Choi
Virtual Hangul keyboards like Chun-Ji-In, Narat-Gul, and QWERTY are based on eyesight recognition, in which input letter positions are fixed in the smartphone environment. The input method of a fixed-position style is not very convenient for visually impaired individuals. In order to resolve the issue of inconvenience of the Hangul input system, we propose a new paradigm of the finger-touch based Hangul input system that does not need eyesight recognition of input buttons. For the convenience of learning the touch-motion based keyboard, finger touches are designed by considering the shape and frequencies of Hangul vowels and consonants together with the preference of fingers. The base position is decided by the first touch of the screen, and the finger-touch keyboard is used in the same way for all the other touch-style devices, regardless of the differences in size and operation system. In this input method, unique finger-touch motions are assigned for Hangul letters that significantly reduce the input errors.
Human Visual System-Aware and Low-Power Histogram Specification and Its Automation for TFT-LCDs
Backlight has a major factor in power consumption of TFT-LCDs which are most popular in portable devices. There have been a lot of attempts to achieve power savings by backlight dimming. At the same time, the researches have shown image compensation due to decreased brightness of a displayed image. However, existing image compensation methods such as histogram equalization have some limits in completely satisfying the human visual system (HVS)-awareness. This paper proposes an enhanced dimming technique to obtain both power saving and HVS-awareness by combining pixel compensation and histogram specification for TFT-LCDs. This method executes a search algorithm and an automation algorithm employing simplified calculations for fast image processing. Experimental results showed that the proposed method achieved significant improvement in visual satisfaction per power saving over existing backlight dimming.
A Secure BLE Integration Authentication System for a BLE Device Control Server based on Physical Web and Eddystone
ChoonSung Nam, Hyunhee Jung, Dongryeol Shin
Physical Web and Eddystone can be serviced by a single integrated application on the device by using their servers’ URL. However, they have a limitation that their servers must be customized for service characteristics on a case by case basis. In other words, regardless of the service selected for BLE, it should have a modified linkage application for each device. Hence, we think that a new integrated service platform, which is able to link and support its Beacon from the central server and is also able to support its application, is needed for achieving better service quality. This platform consists of push (Broadcasting for Beacon service) parts and pull (Connection) parts to establish communication. Especially, Pull should be operated and controlled under the authorization (secure) management for safe and trustable communication. It means that BLE must have its new authorization communications protocol to protect its data as much as possible. In this paper, we propose a BLE integrated authorization protocol for a BLE device control server based on Physical Web and Eddystone.
Sensing Model for Reducing Power Consumption for Indoor/Outdoor Context Transition
Deok-Ki Kim, Jae-Hyeon Park, Jung-Won Lee
With the spread of smartphones containing multiple on-board sensors, the market for context aware applications have grown. However, due to the limited power capacity of a smartphone, users feel discontented QoS. Additionally, context aware applications require the utilization of many forms of context and sensing information. If context transition has occurred, types of needed sensors must be changed and each sensor modules need to turn on/off. In addition, excessive sensing has been found when the context decision is ambiguous. In this paper, we focus on power consumption associated with the context transition that occurs during indoor/outdoor detection, modeling the activities of the sensor associated with these contexts. And we suggest a freezing algorithm that reduces power consumption in context transition. We experiment with a commercial application that service is indoor/outdoor location tracking, measure power consumption in context transition with and without the utilization of the proposed method. We find that proposed method reduces power consumption about 20% during context transition.
Systematic Development of Mobile IoT Device Power Management : Feature-based Variability Modeling and Asset Development
Hyesun Lee, Kang Bok Lee, Hyo-Chan Bang
Internet of Things (IoT) is an environment where various devices are connected to each other via a wired/wireless network and where the devices gather, process, exchange, and share information. Some of the most important types of IoT devices are mobile IoT devices such as smartphones. These devices provide various high-performance services to users but cannot be supplied with power all the time; therefore, power management appropriate to a given IoT environment is necessary. Power management of mobile IoT devices involves complex relationships between various entities such as application processors (APs), HW modules inside/outside AP, Operating System (OS), platforms, and applications; a method is therefore needed to systematically analyze and manage these relationships. In addition, variabilities related to power management such as various policies, operational environments, and algorithms need to be analyzed and applied to power management development. In this paper, engineering principles and a method based on them are presented in order to address these challenges and support systematic development of IoT device power management. Power management of connected helmet systems was used to validate the feasibility of the proposed method.
A Location-based Highway Safety System using Smart Mobile Devices
Jaehyun Lee, Sungjin Park, Joon Yoo
In this paper, we propose a highway safety system that comprises a small number of central servers and smart mobile devices. To implement this system, we constructed a central server that collects GPS location information on cars, whose update messages are decreased via the car location estimation algorithm. The in-car mobile devices use the accelerometer sensors to detect hazardous situations; this information is updated to the central server that relays the information to the corresponding endangered cars via location-based unicast using LTE communication. To evaluate the proposed algorithm, we equipped a mobile device app on a real car and conducted real experiments in various environments such as city streets, rural areas, and highway roads. Furthermore, we conducted simulations to evaluate the propagation of danger information. Finally, we conducted simulated experiments to detect car collisions as well as exceptions, such as falling of the mobile device from the cradle.
Framework-assisted Selective Page Protection for Improving Interactivity of Linux Based Mobile Devices
Seungjune Kim, Jungho Kim, Seongsoo Hong
While Linux-based mobile devices such as smartphones are increasingly used, they often exhibit poor response time. One of the factors that influence the user-perceived interactivity is the high page fault rate of interactive tasks. Pages owned by interactive tasks can be removed from the main memory due to the memory contention between interactive and background tasks. Since this increases the page fault rate of the interactive tasks, their executions tend to suffer from increased delays. This paper proposes a framework-assisted selective page protection mechanism for improving interactivity of Linux-based mobile devices. The framework-assisted selective page protection enables the run-time system to identify interactive tasks at the framework level and to deliver their IDs to the kernel. As a result, the kernel can maintain the pages owned by the identified interactive tasks and avoid the occurrences of page faults. The experimental results demonstrate the selective page protection technique reduces response time up to 11% by reducing the page fault rate by 37%.
Search
Journal of KIISE
- ISSN : 2383-630X(Print)
- ISSN : 2383-6296(Electronic)
- KCI Accredited Journal
Editorial Office
- Tel. +82-2-588-9240
- Fax. +82-2-521-1352
- E-mail. chwoo@kiise.or.kr