• 한국항공운항학회:학술대회논문집
• /
• 2015.11a
• /
• pp.107-110
• /
• 2015

항공, 국방, 자동차, 철도, 조선, 원자력, 플랜트 분야에서 임베디드 시스템의 활용도가 높아지고 있다. 특히 항공 임베디드 시스템은 다른 분야에 비해 고신뢰성과 고성능이 동시에 요구된다. 안전필수 인증절차를 준수하면 설계 및 개발 단계에서 발생할 수 있는 다양한 결함을 예방 할 수 있다. 그러나 soft error와 같은 예측 불가능한 transient 결함을 대처하기 어렵다. 이러한 문제를 해결하기 위하여 고장감내 방법론과 검증방법에 대한 연구가 수행되어야 한다. 본 논문은 고장감내 기법 검증 방법론에 하나인 결함주입 기법을 제안한다. 본 논문에서 제안하는 결함주입 기법은 1) 정량적 평가 가능, 2) 시스템을 대상으로 검증 가능 같은 장점이 있다.

• IEIE Transactions on Smart Processing and Computing
• /
• v.4 no.2
• /
• pp.83-88
• /
• 2015

Core-A is 32-bit synthesizable processor core with a unique instruction set architecture (ISA). In this paper, the Core-A ISA is introduced with discussion of useful features and the development environment, including the software tool chain and hardware on-chip debugger. Core-A is described using Verilog-HDL and can be customized for a given application and synthesized for an application-specific integrated circuit or field-programmable gate array target. Also, the GNU Compiler Collection has been ported to support Core-A, and various predesigned platforms are well equipped with the established design flow to speed up the hardware/software co-design for a Core-A-based system.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2000.04a
• /
• pp.830-834
• /
• 2000

현재, 정보기기의 급속한 발전과 많은 수요로 인해 실시간 OS에 대한 기술 개발의 필요성이 대두되었고, 많은 실시간 OS 제품이나 그 개발도구들이 개발되어 있으나, 기존의 상용 제품들은 산업용 실시간 OS에서 파생된 제품이거나 PC 나 Workstation 용 OS 로부터 다운사이징한 제품들이고, 대부분 외국 제품들이어서 그 실시간 OS 들을 사용함으로써 부담하는 기술료는 국내 가전용 제품의 경쟁력을 급속히 약화시킬 우려가 있다. 이에 본논문에서는 본 연구소에서 자체 개발한 Q+(QPlus) 정보가전용 실시간 OS 와 이와 연동하는 커널 원격 디버깅 환경인 Q+Esto 디버깅 환경의 구현기술에 대해 소개한다. Q+Esto 원격 디버깅 환경은 사용하기 편리한 사용자인터페이스 제공, 모듈화 및 계층화를 통한 디버깅 기능의 확장성 제고, 그리고 리모트 디버깅 인터페이스와 같은 원격 통신 모듈을 통한 타겟정보 접근시간의 축소등의 장점을 갖고 있다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2007.11a
• /
• pp.763-765
• /
• 2007

As a useful tool for embedded system codesign approach, it's necessary to make a custom-built interpreter for the system description verification. Usually, designers need to write their program to simulate the environment their system works in. Sometimes making the simulation environment consumes designers more time and energy than describing their embedded system. The interpreter saves the cost that is spent on making such an environment. In this paper, the necessity and motivation of the interpreter will be introduced first, and then the details about each part of it will be illuminated.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2007.11a
• /
• pp.538-541
• /
• 2007

최근 SoC 기술이 발달하면서, 내장형 시스템을 위한 프로세서 개발이 활발해졌다. 새로운 프로세서가 개발되면, 운영체제 및 소프트웨어 개발을 위해 컴파일러 및 디버거가 필요하다. 컴파일러는 소스코드를 타겟 프로세서에서 실행 가능한 목적파일로 변환하고, 디버거는 프로그램의 개발에서 오류를 찾기 위한 도구로 소프트웨어 개발에 매우 중요한 도구들이다. 본 논문에서는 KAIST에서 개발하는 32bit 프로세서인 Core-A를 위한 소프트웨어 디버거를 설계 및 구현한다. Core-A용 디버거는 공개 소스 디버거 시스템인 GDB를 참조모델로 했으며, 레지스터와 메모리 맵과 같은 프로세서 종속적인 부분을 확장하고 외부 인터페이스 모듈과 같은 프로세스 독립적인 모듈은 재사용함으로써 개발기간을 단축시켰다. 그리고 Core-A용 디버거의 검증을 위해 상용 디버거 시스템인 ARM용 AXD 디버거와 비교 실험을 진행하였다.

• KIPS Transactions on Computer and Communication Systems
• /
• v.10 no.11
• /
• pp.297-304
• /
• 2021

Commercial obfuscation tools (protectors) aim to create difficulties in analyzing the operation process of software by applying obfuscation techniques and Anti-reversing techniques that delay and interrupt the analysis of programs in software reverse engineering process. In particular, in case of virtualization detection and anti-debugging functions, the analysis tool exits the normal execution flow and terminates the program. In this paper, we analyze Anti-reversing techniques of executables with Debugger Detection and Viralization Tools Detection options through VMProtect 3.5.0, one of the commercial obfuscation tools (protector), and address bypass methods using Pin. In addition, we predicted the location of the applied obfuscation technique by finding out a specific program termination routine through API analysis since there is a problem that the program is terminated by the Anti-VM technology and the Anti-DBI technology and drew up the algorithm flowchart for bypassing the Anti-reversing techniques. Considering compatibility problems and changes in techniques from differences in versions of the software used in experiment, it was confirmed that the bypass was successful by writing the pin automation bypass code in the latest version of the software (VMProtect, Windows, Pin) and conducting the experiment. By improving the proposed analysis method, it is possible to analyze the Anti-reversing method of the obfuscation tool for which the method is not presented so far and find a bypass method.

• The KIPS Transactions:PartA
• /
• v.17A no.3
• /
• pp.153-158
• /
• 2010

Most of software developers use the GNU Debugger (GDB) in order to debug code execution. The GDB supports a remote debugging environment through serial communication. However, in embedded systems, the speed is limited in the serial communication. Due to this reason, the serial communication is rarely used for the debugging purpose. To solve this problem, many embedded systems adapt the JTAG and the USB interface. This paper proposes debugging environment via USB-JTAG interface to debug the EISC processor, and introduces how the USB interface works on the GDB and how the JTAG module handles debugging packets.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.6 no.2
• /
• pp.766-783
• /
• 2012

Recently, many malicious users have attacked web browsers using JavaScript code that can execute dynamic actions within the browsers. By forcing the browser to execute malicious JavaScript code, the attackers can steal personal information stored in the system, allow malware program downloads in the client's system, and so on. In order to reduce damage, malicious web pages must be located prior to general users accessing the infected pages. In this paper, a novel framework (JsSandbox) that can monitor and analyze the behavior of malicious JavaScript code using internal function hooking (IFH) is proposed. IFH is defined as the hooking of all functions in the modules using the debug information and extracting the parameter values. The use of IFH enables the monitoring of functions that API hooking cannot. JsSandbox was implemented based on a debugger engine, and some features were applied to detect and analyze malicious JavaScript code: detection of obfuscation, deobfuscation of the obfuscated string, detection of URLs related to redirection, and detection of exploit codes. Then, the proposed framework was analyzed for specific features, and the results demonstrate that JsSandbox can be applied to the analysis of the behavior of malicious web pages.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.7 no.8
• /
• pp.1989-2009
• /
• 2013

How to discover router vulnerabilities effectively and automatically is a critical problem to ensure network and information security. Previous research on router security is mostly about the technology of exploiting known flaws of routers. Fuzzing is a famous automated vulnerability finding technology; however, traditional Fuzzing tools are designed for testing network applications or other software. These tools are not or partly not suitable for testing routers. This paper designs a framework of discovering router protocol vulnerabilities, and proposes a mathematical model Two-stage Fuzzing Test Cases Generator(TFTCG) that improves previous methods to generate test cases. We have developed a tool called RPFuzzer based on TFTCG. RPFuzzer monitors routers by sending normal packets, keeping watch on CPU utilization and checking system logs, which can detect DoS, router reboot and so on. RPFuzzer' debugger based on modified Dynamips, which can record register values when an exception occurs. Finally, we experiment on the SNMP protocol, find 8 vulnerabilities, of which there are five unreleased vulnerabilities. The experiment has proved the effectiveness of RPFuzzer.

• The KIPS Transactions:PartA
• /
• v.10A no.4
• /
• pp.305-312
• /
• 2003

In the embedded Linux environments, developers can concurrently debug multiple processes that have parent-child relationships using multiple gdbs and gdbservers. But, it needs additional coding efforts and messy works of activating another gdbs and gdbservers for each created process, and so, it may be inefficient in the viewpoint of developers. In this paper, we propose a mgdb library and mgdbserver that supports concurrent debugging of multiple processes in the embedded Linux systems by using the library wrapping mechanism without modifying the kernel. Also, through the experimentation of concurrent debugging for multiple processes that communicate by an unnamed pipe, we show that our proposed debugging mechanism is more efficient than the preexisting mechanisms.