Svadev mailing list

[Fábio Resner <fabiusks AT gmail.com>]

Hi,

I'm doing some research on how to secure applications on a embedded device.

The main goal actually is to guarantee the safety of sensitive material like cryptographic keys.

It would be perfect if the whole system can have guaranteed secure, but if I can only guarantee

that the sensitive material stay untouched even if the hole system goes down it would be enough.

I really didn't understand safecode functionality at all, so I thought about compiling the applications

that are going to be embedded with safecode, and putting them to run each one in a separated virtual machine,

because for example, even if an attacker were able to exploit the safecode secured program, it would not be 

able to access the memory area of the other apps, so not affecting the whole system.

Am I being redundant? I mean compiling with safecode and running in VM's? 

I'm doing kind of individual research on this area, so I'm accepting (and I'll be very glad if you give me some advice) suggestions or recommended readings.

Thank you,

--
Fabio Resner.