Improving embedded software security is mandatory. Organizations facing the warning signs of increased cyber-attacks need to actively employ security strategies and activities throughout system development. Software attacks are becoming more sophisticated than ever [1], and the development of security tools must closely follow this evolution.
Virtualization technology has made it possible to provide security services with better protection by isolating them [1] from the hosts they are protecting. A Virtual Machine Monitor (VMM) is a virtualization technique that introduces an extra software layer to provide the illusion of real hardware for multiple virtual machines.
As virtualization becomes increasingly mainstream, virtual machine introspection (VMI) techniques and tools are evolving to monitor virtual machine (VM) behavior [2]. These techniques consist of inspecting VMs from the outside to assess their integrity and close the semantic gap created by the aforementioned isolation of security tools.
Security implementation involves four complementary courses of action: prevention, detection, response, and recovery [3]. This work focuses particularly on detection and response, without disregarding recovery.
A central part of this work is the development of a Health Monitoring application for embedded systems, coupled with memory introspection techniques to detect malicious behavior in real time. The identification of attack models and security policies is essential to guarantee the tool’s adequacy.
Design automation tools can improve the trustworthiness of the design and implementation stages of system development. An ontology-enriched metamodeling infrastructure, associated with systems’ design processes and modeling DSLs, will leverage automatic system configuration and generation.
The infrastructure will semantically integrate security-related models with the remaining architecture.
This ontology-driven automation will be developed in a collaborative environment.
- Increase system configuration automation using semantic technology;
  - Develop an ontology with security and health monitoring based conceptualizations;
- Collaborate in the development of the ontology-enriched DSL infrastructure;
- Provide a secure runtime environment, augmenting the system’s dependability;
- Study and identification of attack models in the software stack and security policies;
- Study of the ARM architecture and its specificities, regarding security;
- Familiarization with introspection techniques of virtual machines;