IEEE Intelligence and Security Informatics (ISI) 2018

November 8 - 10, 2018 // Florida International University, Miami FL


Security Design of Mission-Critical Embedded Systems

Instructor: Dr. Michael Vai, Secure Resilient Systems and Technology Group, MIT Lincoln Laboratory

Abstract: This tutorial explains a systematic approach to co-designing functionality and security into mission-critical embedded systems. The tutorial starts by reviewing common issues in embedded applications in order to define mission objectives, threat models, and security/resilience goals. We then give an overview of security technologies for achieving confidentiality, integrity, and availability under given design criteria and a realistic threat model. These technologies range from practical cryptography and key management, through protection of data at rest, data in transit, and data in use, to tamper resistance. A major portion of the tutorial is dedicated to exploring the mission-critical embedded system solution space. We discuss the search for security vulnerabilities (red teaming) and the search for solutions (blue teaming). Besides the lecture, attendees, under instructor guidance, will perform realistic and meaningful hands-on exercises: defining mission and security objectives, assessing principal issues, applying technologies, and understanding their interactions. Attendees should bring their own applications for the exercises. If that is not possible, the instructor will provide an example application (distributed sensing, communicating, and computing) to be used in these exercises. Attendees are encouraged to work collaboratively throughout the development process, creating opportunities to learn from each other. During the exercise, attendees will consider the use of various security/resilience features, articulate and justify the use of resources, and assess the system's suitability for mission assurance. Attendees can expect to gain valuable insight and experience in the subject after completing the lecture and exercises. The instructor, an expert and practitioner in the field, will offer insight, advice, and concrete examples and discussions. The tutorial draws from the instructor's decades of experience in secure, resilient systems and technology.

Target Audience: This tutorial is designed for embedded system designers, hardware and software engineers, and project managers interested in an overview and introduction to cyber security with emphasis on embedded computing.

Prerequisites: We expect the audience to have general knowledge of embedded systems. The use of a laptop for the exercises is optional but helpful.

Tutorial Organization:

  1. Introduction (15 mins):
    • Embedded system definition
    • Embedded system design methodology
    • Security, resilience, and mission assurance
    • Overview of the tutorial
  2. Embedded system development (60 mins):
    • Mission
    • Platform
    • Life cycle threats (supply chain, manufacturing, deployment, etc.)
    • Technologies for security and resilience
  3. Solution Exercise (60 mins):
    • Design and assessment
    • Metrics and return-on-investment
    • Residual vulnerabilities and mitigations
    • Technologies for security and resilience
  4. Summary and further studies (15 mins)

Bio: Dr. Michael Vai joined MIT Lincoln Laboratory in 1999 and is currently a senior staff member in the Secure Resilient Systems and Technology Group. Before coming to this group, he was an Assistant Leader of the Embedded and Open Systems Group in the ISR and Tactical Systems Division. At Lincoln Laboratory, he has led the development of several notable real-time systems incorporating very-large-scale integration (VLSI) chips, field-programmable gate arrays (FPGAs), and multicore processors. In 2002, Dr. Vai coordinated and taught a VLSI Design course at Lincoln Laboratory, and in 2003 he delivered the lecture "ASIC and FPGA DSP Implementations" in the IEEE lecture series "Current Topics in Digital Signal Processing." Dr. Vai has worked in the area of high-performance embedded computing for more than 20 years. He has worked and published extensively in VLSI, application-specific integrated circuits (ASICs), FPGAs, design methodology, and embedded digital systems. He has published more than 80 technical papers and a textbook ("VLSI Design," CRC Press, 2001). He is also the co-editor and a contributing author of a reference handbook ("High Performance Embedded Computing Handbook," CRC Press, 2008). Until July 1999, Dr. Vai was on the faculty of the Electrical and Computer Engineering Department at Northeastern University, where he developed and taught the VLSI Design and VLSI Architecture courses and established and supervised a VLSI CAD Laboratory. In May 1999, the students in the Electrical and Computer Engineering Department presented him with the Outstanding Professor Award. During Dr. Vai's tenure at Northeastern University, he conducted multiple research programs funded by the National Science Foundation, the Defense Advanced Research Projects Agency (DARPA), and industry. Dr. Vai's current research interests include anti-tamper and information assurance technologies, particularly those related to open architectures and high-performance computing algorithms. He is a senior member of IEEE. Dr. Vai earned MS and PhD degrees from Michigan State University in 1985 and 1987, respectively, both in electrical engineering.