Hardware-assisted Remote Runtime Attestation for Critical Embedded Systems

Published in 2019 17th International Conference on Privacy, Security and Trust (PST) pp. 1 - 10
Main Authors Geden, Munir; Rasmussen, Kasper
Format Conference Proceeding
Language English
Published IEEE 01.08.2019
Summary: Remote attestation, as a challenge-response protocol, enables a trusted entity, called verifier, to ask for an untrusted device, called prover, to provide assurance about its internal integrity. Due to its strong guarantees, remote attestation is becoming increasingly popular for critical embedded systems which can be used for medical, military or industrial control purposes. Previous proposals, which used checksums on static code regions to assure the load-time integrity, miss the runtime attacks that affect only dynamic memory regions. To address these attacks, this paper proposes a new scheme that attests the runtime integrity according to the control and data features of the program. The runtime check can be performed in real time with the help of a novel hardware security module (HSM) design which is connected to the prover's system bus. The proposed HSM detects runtime issues by checking compliance of the bits seen on the address and data bus with the static model loaded into its memory. Our attestation scheme is capable of reporting sophisticated runtime attacks such as code-reuse and non-control data attacks.
ISSN: 2643-4202
DOI: 10.1109/PST47121.2019.8949036