In this paper we propose Sancus, a security architecture for networked embedded devices. Sancus supports extensibility in the form of remote (even third-party) software installation on devices while maintaining strong security guarantees. More specifically, Sancus can remotely attest to a software provider that a specific software module is running uncompromised, and can authenticate messages from software modules to software providers. Software modules can securely maintain local state, and can securely interact with other software modules that they choose to trust. The most distinguishing feature of Sancus is that it achieves these security guarantees without trusting any infrastructural software on the device. The Trusted Computing Base (TCB) on the device is only the hardware. Moreover, the hardware cost of Sancus is low. We describe the design of Sancus, and develop and evaluate a prototype FPGA implementation of a Sancus-enabled device. The prototype extends an MSP430 processor with hardware support for the memory access control and cryptographic functionality required to run Sancus. We also develop a C compiler that targets our device and that can compile standard C modules to Sancus protected software modules.