I have a list of my projects and a writeup for each one on my projects page.
The Master's Thesis for my Computer Engineering degree touches on the memory security of modern embedded systems. As technology gets more advanced, the use of embedded systems in the Internet of Things (IoT) is growing at a rapid rate. Many of these embedded systems are critical to the operation of the system as a whole, and may contain or process sensitive data. In a lot of cases, these embedded devices are not physically secure, and can be accessed by a malicious individual with little effort. Once given physical access, reading and writing to exposed memory bus lines becomes trivial.
One of the ways to defend against memory read attacks is to encrypt data-in-motion before it leaves the CPU. However, this still leaves the system memory open to write attacks. Defending against a memory write attack is achieved by authenticating all memory within the RAM. This authentication is done by the CPU to ensure all memory traveling to/from the RAM is verified before being used for execution.
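The difference between the two defenses above can be shown in a small Python model. This is an added example, not code from the thesis: the `MemoryController` class, the HMAC-SHA256 keystream standing in for AES, the 8-byte tag and the per-block write counter are all assumptions, and replay of an old block at the same address is outside what it covers.

```python
import hashlib
import hmac

class TamperError(Exception):
    """Raised when a block read back from RAM fails authentication."""

def _prf(key: bytes, label: bytes, addr: int, ctr: int, extra: bytes = b"") -> bytes:
    msg = label + addr.to_bytes(8, "big") + ctr.to_bytes(8, "big") + extra
    return hmac.new(key, msg, hashlib.sha256).digest()

class MemoryController:
    """Toy on-chip controller; self.ram models off-chip RAM that can be rewritten."""

    def __init__(self, enc_key: bytes, mac_key=None):
        self.enc_key, self.mac_key = enc_key, mac_key  # mac_key=None: encrypt only
        self.ram = {}  # addr -> (write counter, ciphertext, tag)

    def _xor(self, addr: int, ctr: int, data: bytes) -> bytes:
        # Stand-in for AES-CTR: keystream is a PRF of (address, write counter).
        ks = _prf(self.enc_key, b"enc", addr, ctr)
        return bytes(a ^ b for a, b in zip(data, ks))

    def write(self, addr: int, data: bytes) -> None:
        assert len(data) <= 32, "one keystream block per write in this sketch"
        ctr = self.ram.get(addr, (0, b"", b""))[0] + 1
        ct = self._xor(addr, ctr, data)
        # Encrypt-then-MAC; the tag covers address and counter, not just the data.
        tag = _prf(self.mac_key, b"mac", addr, ctr, ct)[:8] if self.mac_key else b""
        self.ram[addr] = (ctr, ct, tag)

    def read(self, addr: int) -> bytes:
        ctr, ct, tag = self.ram[addr]
        if self.mac_key:
            expect = _prf(self.mac_key, b"mac", addr, ctr, ct)[:8]
            if not hmac.compare_digest(tag, expect):
                raise TamperError(f"authentication failed at {addr:#x}")
        return self._xor(addr, ctr, ct)

def overwrite_on_bus(ctrl: MemoryController, addr: int) -> None:
    """Constructed fault: one ciphertext bit changed outside the CPU."""
    ctr, ct, tag = ctrl.ram[addr]
    ctrl.ram[addr] = (ctr, bytes([ct[0] ^ 0x01]) + ct[1:], tag)

def relocate_on_bus(ctrl: MemoryController, src: int, dst: int) -> None:
    """Constructed fault: a valid (counter, ciphertext, tag) moved to another address."""
    ctrl.ram[dst] = ctrl.ram[src]
```

With `mac_key=None` the modified block decrypts without complaint to a changed plaintext; with a MAC key both the modified and the relocated block raise `TamperError` on read.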
The work done in the thesis focuses on the creation of a customized memory controller that both encrypts (via AES) and authenticates all data before sending it to the system memory. The memory controller uses the AXI protocol to send and receive data directly from a Zynq-7000 FPGA. A few authenticated memory controller designs exist; however, the performance loss while using one of these controllers can be quite substantial. In an attempt to mitigate these performance impacts, this research focuses on adding an authentication request cache. The largest performance issues stem from the creation of an authentication scheme request. These requests are used to find the proper location in memory, as well as the key used to authenticate the data. Caching some of these requests will help reduce the number of stall cycles that occur while trying to fetch data from memory. The performance of the system is benchmarked using a customized build of PetaLinux, which allows for the performance of real-world workflows to be tested and profiled.
I'm not sure about the technicalities behind sharing my thesis proposal and code, so I haven't included either of them here. If you're curious and would like to see them, let me know and I'll find out what I can do :)
References available upon request