A Security Model and Implementation of Embedded Software Based on Code Obfuscation.

Current approaches for the security of embedded software mainly focused on some specific platforms. In this paper, a security model based on code obfuscation is applied to embedded software. A control flow flattening algorithm is used to implement an automated obfuscator, which obfuscates C code first, and does source-to-source conversions to protect software on different platforms. The effectiveness of code obfuscation is evaluated by a multi-level quantitative model proposed in this paper. Related experiments are carried out on the NUC140VE3CN board and MC9S12XEPIOOMAG board, which are typical hardware platforms used in the application domain of automotive. The result of experiments shows that for one thing, the quantitative value of the effectiveness of the obfuscated program is obviously higher than that of the original program, namely the strength for software to keep it from being reversed is greater, and the overhead of time and space is acceptable; for another, the efficiency of the evaluation model is also demonstrated.