Team May07-10
April 24, 2007
IntroductionProject Team Information Team Members
Jason ErbskornTim PolehnaAaron SartorAaron ThoemingJared Wachter
AdvisorDr. Thomas Daniels
ClientsDr. John W. LamontRalph Patterson III
IntroductionPresentation Outline Introduction
Jason Erbskorn
Design Overview Jared Watcher
Project Activities Aaron Thoeming Tim Polehna Aaron Sartor
Resources and Schedules Aaron Sartor
Closing Materials Jason Erbskorn
IntroductionWhat Are We Designing?
+ USB Flash Drive Transparent Anti-Virus
IntroductionSelected Definitions Foreign computer – A computing machine
that the user does not own and of which the security status is unknown
Home computer – A computing machine that the user owns, operates, and of which the security status is generally known
Project OverviewProject Requirements USB storage device Upgradeable firmware Block viral transmissions to the host
computer Protect system software integrity Inform the user of malicious attacks
Project Overview Operating Environment Indoor environment 0ºC to 70ºC ambient temperature 10% to 90% relative humidity
Project Overview Intended Users Own a personal computer Want to use a portable USB storage
device on foreign computers Desire to keep home computers
and/or network virus free
Project Overview Assumptions Home computer
Available USB 1.1/2.0 port Microsoft Windows 2000/XPUSB Portable Firewall utility installed
Foreign computerAvailable USB 1.1/2.0 port
Project Overview Limitations Virus detection
Cannot detect all malicious attacks USB 1.1 protocol
12Mb/s data rate2.5W max power drawDevice interface to host
Budget $150 maximum plus donations
Project Overview Design Constraints Device software
Linux 2.6.20Clam Antivirus 0.90.2GNUPG 1.4.7
GUI host softwareWindows 2000/XP.NET 2.0 Framework
Gumstix USB powered hardware Size of flash memory MP3 player 1GB flash memory storage
Project Overview Primary Deliverable USB Portable Firewall Overall System
Project Overview Other Deliverables Software Utility
Updates device firmware imageInformation on malicious attack prevention
DocumentationProject planEnd-product design reportProject posterFinal reportUser ManualWebsite
Project ActivitiesPresent Accomplishments Completed
Project documentationHardware assemblySoftware utilityBuild image
IncompleteScanning algorithmKernel integrationTesting
Project Activities Approaches Considered GUI Software Utility
C, C++, Java programming language
Scanning AlgorithmRead/Write, File Transfer Protocol
HardwareConnectCore 9U, TS-7400
Anti-virus SystemOpen Anti-Virus, Norton AV
Kernel IntegrationDirect placement into driver
Project ActivitiesMotherboard
400MHz Intel XScale PXA225 microprocessor 16MB onboard flash memory 64MB 100MHz onboard SDRAM Expansion board support RS-MMC flash media support 1W power requirement
Project Activities Expansion Boards
Implementation Type A male USB port USB 1.1 standard USB power delivery
Development RS-232 serial port Two expansion connectors DC power delivery
Project Activities Component Assembly
Project Activities Final Hardware Implementation
Project Activities Software Build Image Buildroot environment
Micro C library based system○ Stripped down to bare minimum
Designed for gumstix hardware
x86 ARM cross-compile toolchainLinux 2.6.20ClamAV 0.9.2GnuPG 1.4.7
Project Activities USB Communication PXA255 base driver USB Gadget layer
File Backed Storage
USB Mass Storage Class Native OS support
Driver Scanner /proc interface
Standard USB Storage
Driver
USB Host Interface
Windows OS
FAT32Storage
USB Device Interface
Storage Controller
USB Firewall Driver & Software
Host PC Storage Device
Any Host PC
USB Portable Firewall
Project Activities Start-Up Procedure Kernel loads Boot script executed
Device not available until script finishes
Software updates occur at boot time
Visual confirmation that device has finished booting
Start-Up
Does New File in Update Directory Exist?
Check update file signature
Is file signature valid?
Send USB Generic Storage Volume Control Message
Replace existing definitions with the
decrypted
Yes
No
Yes
No
Project Activities Scanning System - Transfer to Device Updates FAT indexing array for virus scanning System software inherently protected by Gadget API
LbaToCluster()
ClusterNum < RootDirNum
UpdateClusterArray()
MakeDirty()
No
Yes
USB Command Decoding
USBCommandProcessing
LBA#
Cluster#
Project Activities Scanning System - Transfer to Host Scan entire file before sending the pieces of it
Intercept file system requests to read blocks of data Report transfer error to host if virus found
LbaToCluster() IsDirty()
ScanFile() MarkClean()
SendTxFailure()GetFileInfo()
USB Command Decoding
USBCommandProcessing
LBA# Cluster#
Yes
No
FirstCluster#
Project Activities Functional Alerts Yellow LED – Transfer Activity Green LED – Device Ready
LED’s OFF
Startup
Green LED ON
Ready
Yellow LED Flash
Transferring
LED’s OFF
ShutdownMount
Transfer Command Received
Unmount
File Transfered
Project Activities Override System Red LED – Override Indicator Single switch logic
Enables/disables scanning system
Red LED Off
Red LED On
Switch OnSwitch Off
Project Activities GUI – Overview Designed in C# language
.NET Framework 2.0
Used on home computer Displays detected infected
files information Anti-virus definition updating
Project Activities GUI – Infected Files / Virus Information Reads from log file on device Infected file
Name SizeModification date
Virus informationName of virus Type of virusAction taken
Project Activities GUI – Device Updating User downloads new update image User specifies path of downloaded file Utility transfers file to device Device loads new software on next boot
Project Activities Verification and Validation Device performance
Board Power-On Self Test (POST)USB device-host connection testVirus detection testOverride function testFirmware update test
Faculty advisor test validation
Team Member Task Total
1 2 3 4 5 6 7 8
Jason Erbskorn 5 14 38 57 15 12 15 55 211
Tim Polehna 5 19 42 62 18 8 10 45 209
Aaron Sartor 5 9 31 55 17 15 14 57 203
Aaron Thoeming 6 13 29 42 23 23 12 48 196
Jared Wachter 6 13 39 61 17 14 12 42 204
Total 27 81 179 277 90 72 63 247 1023
Resources and Schedules
Personnel Hour Requirements
Resources and Schedules
Financial RequirementsItem W/O Labor With Labor
Parts & Materials
a. Basix 400xm Motherboard $130.00 $130.00
b. Serial Cable $12.00 $12.00
c. AC Power Adapter $10.00 $10.00
d. MMC RS 1GB Flash Card $60.00 $60.00
e. Project Poster & Printing Donated Donated
f. Thumbstix Base Board $28.00 $28.00
g. Tweener Board $20.00 $20.00
h. Screws and Spacers kit $4.00 $4.00
i. Miscellaneous Parts $20.00 $20.00
Subtotal $284.00 $284.00
Resources and Schedules
Financial Requirements (contd.)Service Usage & Work W/O Labor With Labor
a. Development PC usage Donated Donated
b. Poster and Reports $65.00 $65.00
Subtotal $65.00 $65.00
Labor at $15/Hour
a. Jason Erbskorn $0.00 $3,165.00
b. Tim Polehna $0.00 $3,135.00
c. Aaron Sartor $0.00 $3,045.00
d. Aaron Thoeming $0.00 $2,940.00
e. Jared Wachter $0.00 $3,060.00
Subtotal $0.00 $15,345.00
Total $349.00 $15,694.00
Resources and Schedules Schedule of Work
Resources and SchedulesDeliverables Schedule Final dates on tasks represent deliverable due dates
Closing MaterialsProject Evaluation
Project Aspect Rating
Project Definition 100%
Technology Research & Selection 100%
Hardware Design 100%
Build Image Design 100%
Scanning System Design 75%
GUI Utility Software Design 100%
Design Integration 33%
Verification & Validation 50%
Production Documentation 100%
Closing Materials Commercialization Demand for secure computing
U3 technology by Kingston and SanDisk
Current advantagesIndependence from host machine
Current shortcomingsNeeds major refinement to be market viable
○ Better appearance and portability○ More robust software and hardware
Needs cost reduction to compete in market
Closing Materials Additional Work Software
Write dedicated USB Gadget driverResearch more effective scanning methodBetter integration with ClamAV
HardwareLarger storage spaceMore attractive case designCustom hardware platformCheaper hardware components
Closing Materials Lessons Learned Project is very large in size
Requires stages for optimum completionGood research base provided by this project
Hardware solution was time consuming Cross compiling is very difficult Scanning during write is difficult Direct integration into Linux kernel difficult
Closing Materials Risk Management Anticipated Risks
Limited hardware development timeLack of open-source documentationMalfunction of software dependencies
Encountered RisksMajor problems during kernel integrationMultiple cross-compilation failuresUSB doesn’t write data blocks concurrently
Closing MaterialsClosing Summary Malicious software pervades computer networks Portable USB storage devices
Not immune to malicious software May contribute to spread of malicious software
USB Portable Firewall Contains 1GB portable flash storage Reduces transfer of malicious software Alerts the user of virus infection and transfer Comes with updatable software Powered by USB power on the host computer
Closing MaterialsQuestion and Answer