Mersenne twister: a 623-dimensionally equidistributed uniform pseudo-random number generator
ACM Transactions on Modeling and Computer Simulation (TOMACS) - Special issue on uniform random number generation
Low Cost Attacks on Tamper Resistant Devices
Proceedings of the 5th International Workshop on Security Protocols
ReVirt: enabling intrusion analysis through virtual-machine logging and replay
ACM SIGOPS Operating Systems Review - OSDI '02: Proceedings of the 5th symposium on Operating systems design and implementation
Terra: a virtual machine-based platform for trusted computing
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Applying Protocol Analysis to Security Device Interfaces
IEEE Security and Privacy
Design and implementation of a TCG-based integrity measurement architecture
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Unified Architecture for Large-Scale Attested Metering
HICSS '07 Proceedings of the 40th Annual Hawaii International Conference on System Sciences
Attested append-only memory: making adversaries stick to their word
Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles
DejaView: a personal virtual computer recorder
Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles
Pripayd: privacy friendly pay-as-you-drive insurance
Proceedings of the 2007 ACM workshop on Privacy in electronic society
Cloaker: Hardware Supported Rootkit Concealment
SP '08 Proceedings of the 2008 IEEE Symposium on Security and Privacy
Trusted computing building blocks for embedded linux-based ARM trustzone platforms
Proceedings of the 3rd ACM workshop on Scalable trusted computing
TrInc: small trusted hardware for large distributed systems
NSDI'09 Proceedings of the 6th USENIX symposium on Networked systems design and implementation
Enforcing executing-implies-verified with the integrity-aware processor
TRUST'11 Proceedings of the 4th international conference on Trust and trustworthy computing
Reliable telemetry in white spaces using remote attestation
Proceedings of the 27th Annual Computer Security Applications Conference
SABOT: specification-based payload generation for programmable logic controllers
Proceedings of the 2012 ACM conference on Computer and communications security
CPS: stateful policy enforcement for control system device usage
Proceedings of the 29th Annual Computer Security Applications Conference
| Hi-index | 0.00 |
There are increasing deployments of networked embedded systems and rising threats of malware intrusions on such systems. To mitigate this threat, it is desirable to enable commonly-used embedded processors known as flash MCUs to provide remote attestation assurances like the Trusted Platform Module (TPM) provides for PCs. However, flash MCUs have special limitations concerning cost, power efficiency, computation, and memory that influence how this goal can be achieved. Moreover, many types of applications require integrity guarantees for the system over an interval of time rather than just at a given instant. The aim of this paper is to demonstrate how an architecture we call a Cumulative Attestation Kernel (CAK) can address these concerns by providing cryptographically secure firmware auditing on networked embedded systems. To illustrate the value of CAKs, we demonstrate practical remote attestation for Advanced Metering Infrastructure (AMI), a core technology in emerging smart power grid systems that requires cumulative integrity guarantees. To this end, we show how to implement a CAK in less than one quarter of the memory available on low end AVR32 flash MCUs similar to those used in AMI deployments. We analyze one of the specialized features of such applications by formally proving that remote attestation requirements are met by our implementation even if no battery backup is available to prevent sudden halt conditions.