Off-campus UMass Amherst users: To download campus access dissertations, please use the following link to log into our proxy server with your UMass Amherst user name and password.

Non-UMass Amherst users: Please talk to your librarian about requesting this dissertation through interlibrary loan.

Dissertations that have an embargo placed on them will not be available to anyone until the embargo expires.



Access Type

Open Access Thesis

Document Type


Degree Program

Electrical & Computer Engineering

Degree Type

Master of Science in Electrical and Computer Engineering (M.S.E.C.E.)

Year Degree Awarded


Month Degree Awarded



Embedded processors are being increasingly used in our daily life and have become an important part of many types of infrastructure in the world. As people start depending more on embedded systems for personal and business processing operations, the attacks on these systems have also been on a rise. Existing defense mechanisms targeted for desktop and server processors cannot be used to defend embedded systems as these system exhibit constraints on processing performance and processing power and energy. Thus, embedded systems require low overhead security approaches to ensure that they are protected from attacks.

This thesis describes a hardware based approach to monitor the operation of an embedded processor instruction-by-instruction, where deviations from expected program behavior are detected within the time associated with the execution of an instruction. Previous work in this area has focused on monitoring a single task on a CPU while here a novel hardware monitoring system that can monitor multiple active tasks in an operating-system-based platform is presented. This approach doesn’t need any change in application binary code. The hardware monitor is able to track context switches that occur in the operating system and ensure that monitoring is performed continuously, thus ensuring system security.

This thesis describes the design of the system as well as results obtained from a prototype implementation of the system on an Altera DE4 FPGA board. It is demonstrated in hardware that applications can be monitored at instruction level without execution slow-down and buffer overflow attacks can be defeated using this system. When an attack occurs, it is detected within a cycle and the attack task is killed before it can harm the system. The system uses an off-chip DRAM for storing the application binary and the operating system kernel. A centralized graph memory is implemented on-chip to support the storage of all monitoring graphs associated with the system. MiBench benchmarks such as qsort, bitcount, stringmatch, basicmath and dijkstra are used to evaluate the system.


First Advisor

Russell Tessier