STBEAT: Software Update on Trusted Environment Based on ARM TrustZone

In recent years, since edge computing has become more and more popular, its security issues have become apparent and have received unprecedented attention. Thus, the current research concentrates on security not only regarding devices such as PCs, smartphones, tablets, and IoTs, but also the automob...

Full description

Saved in:
Bibliographic Details
Published inSustainability Vol. 14; no. 20; p. 13660
Main Authors Huang, Qi-Xian, Chiu, Min-Yi, Yeh, Chi-Shen, Sun, Hung-Min
Format Journal Article
LanguageEnglish
Published Basel MDPI AG 01.10.2022
Subjects
Automobile industry
Corruption
Design
Embedded systems
Internet
Internet of Things
Linux
Open source software
Operating systems
Power consumption
Public domain
Remote control
Safety and security measures
Security
Smartphones
Software
Software upgrading
Sustainability
Tablet computers
Taiwan
Online AccessGet full text

Cover

More Information
Summary:In recent years, since edge computing has become more and more popular, its security issues have become apparent and have received unprecedented attention. Thus, the current research concentrates on security not only regarding devices such as PCs, smartphones, tablets, and IoTs, but also the automobile industry. However, since attack vectors have become more sophisticated than ever, we cannot just protect the zone above the system software layer in a certain operating system, such as Linux, for example. In addition, the challenges in IoT devices, such as power consumption, performance efficiency, and authentication management, still need to be solved. Since most IoT devices are controlled remotely, the security regarding system maintenance and upgrades has become a big issue. Therefore, a mechanism that can maintain IoT devices within a trusted environment based on localhost or over-the-air (OTA) will be a viable solution. We propose a mechanism called STBEAT, integrating an open-source project with ARM TrustZone to solve the challenges of upgrading the IoT system and updating system files more safely. This paper focuses on the ARMv7 architecture and utilizes the security stack from TrustZone to OP-TEE under the STM32 board package, and finally obtains the security key from the trusted application, which is used to conduct the cryptographic operations and then install the newer image on the MMC interface. To sum up, we propose a novel software update strategy and integrated ARM TrustZone security extension to beef up the embedded ecosystem.
ISSN:2071-1050
2071-1050
DOI:10.3390/su142013660