
HEALED: HEaling & Attestation for Low-End Embedded Devices

Conference paper. Financial Cryptography and Data Security (FC 2019). Part of the book series: Lecture Notes in Computer Science (LNSC, volume 11598).

Abstract

We are increasingly surrounded by numerous embedded systems which collect, exchange, and process sensitive and safety-critical information. The Internet of Things (IoT) allows a large number of interconnected devices to be accessed and controlled remotely, across existing network infrastructure. Consequently, a remote attacker can exploit security vulnerabilities and compromise these systems. In this context, remote attestation is a very useful security service that allows a verifier to remotely and securely check the integrity of a device’s software state, and thus to detect potential malware on the device. However, current attestation schemes focus on detecting whether a device is infected by malware, not on disinfecting it and restoring its software to a benign state.

In this paper we present HEALED – the first remote attestation scheme for embedded devices that allows both detection of software compromise and disinfection of compromised devices. HEALED uses Merkle Hash Trees (MHTs) for measurement of software state, which allows restoring a device to a benign state in a secure and efficient manner.
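The abstract states that HEALED measures software state with a Merkle Hash Tree so that a compromised device can be restored efficiently. The following example, added here and not taken from the paper or its implementation, illustrates the idea behind that claim: a verifier compares the device's tree against a reference tree, descends only into subtrees whose hashes differ, and replaces just the blocks found to be corrupted. The block size, the domain-separation prefixes, the party that holds the reference image, and the constructed sample image are all assumptions of this illustration, not details of the HEALED protocol.

```python
"""Merkle-Hash-Tree (MHT) measurement with block-level localization and
healing.  Added example code illustrating the abstract above; it is not the
HEALED implementation, and the protocol details are assumptions."""
import hashlib
from typing import List, Tuple

BLOCK_SIZE = 4  # toy block size chosen for the illustration (assumption)


def _h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def split_blocks(image: bytes, block_size: int = BLOCK_SIZE) -> List[bytes]:
    """Split a memory image into fixed-size blocks; the last one is zero-padded."""
    blocks = [image[i:i + block_size] for i in range(0, len(image), block_size)]
    if blocks and len(blocks[-1]) < block_size:
        blocks[-1] = blocks[-1].ljust(block_size, b"\x00")
    return blocks


def build_tree(blocks: List[bytes]) -> List[List[bytes]]:
    """Return the tree as a list of levels: levels[0] holds the leaf hashes,
    levels[-1] holds the single root.  Leaves are hashed with a 0x00 prefix and
    inner nodes with 0x01 so that a leaf cannot be confused with an inner node.
    A level with an odd number of nodes is padded by duplicating its last node,
    and the padded level is stored so that child indices 2i and 2i+1 are always
    valid at the level below."""
    level = [_h(b"\x00" + b) for b in blocks]
    levels: List[List[bytes]] = []
    while True:
        if len(level) > 1 and len(level) % 2:
            level = level + [level[-1]]
        levels.append(level)
        if len(level) == 1:
            break
        level = [_h(b"\x01" + level[i] + level[i + 1])
                 for i in range(0, len(level), 2)]
    return levels


def root_of(image: bytes) -> bytes:
    """Measurement a device would report: the MHT root over its image."""
    return build_tree(split_blocks(image))[-1][0]


def localize(ref: List[List[bytes]], dev: List[List[bytes]],
             n_blocks: int) -> List[int]:
    """Walk both trees top-down and descend only into subtrees whose hashes
    differ.  Returns the indices of the corrupted blocks.  With k corrupted
    blocks out of n this touches O(k log n) nodes rather than all n leaves."""
    top = len(ref) - 1
    if ref[top][0] == dev[top][0]:
        return []                      # roots agree: nothing to heal
    suspects = [0]
    for lvl in range(top - 1, -1, -1):
        nxt = []
        for node in suspects:
            for child in (2 * node, 2 * node + 1):
                if ref[lvl][child] != dev[lvl][child]:
                    nxt.append(child)
        suspects = nxt
    # A padded (duplicated) leaf maps to the real last block, which is
    # already in the list if it differs, so drop indices past the image.
    return sorted({i for i in suspects if i < n_blocks})


def heal(device_image: bytes, reference_image: bytes) -> Tuple[bytes, List[int]]:
    """Verifier-side view: measure, localize corrupted blocks, and replace only
    those blocks with the benign copy.  Returns the healed image together with
    the indices of the blocks that were restored."""
    ref_blocks = split_blocks(reference_image)
    dev_blocks = split_blocks(device_image)
    if len(ref_blocks) != len(dev_blocks):
        raise ValueError("device and reference images differ in size")
    bad = localize(build_tree(ref_blocks), build_tree(dev_blocks), len(ref_blocks))
    for i in bad:
        dev_blocks[i] = ref_blocks[i]
    healed = b"".join(dev_blocks)[:len(reference_image)]
    return healed, bad


if __name__ == "__main__":
    # Constructed sample: a benign image and a copy with two flipped bytes.
    reference = b"benign firmware image v1!"
    device = bytearray(reference)
    device[9] ^= 0xFF    # falls in block 2
    device[21] ^= 0xFF   # falls in block 5
    print("attestation passes:", root_of(bytes(device)) == root_of(reference))
    healed, restored = heal(bytes(device), reference)
    print("restored blocks:", restored)
    print("healed image matches reference:", root_of(healed) == root_of(reference))
```

The detection step is the usual root comparison; the localization step is what the tree buys you. A flat hash over the whole image can only say "something changed", while the tree narrows the change down to specific blocks, so the device only has to receive and rewrite those blocks rather than a full image.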


Notes

  1. In the case of networks of embedded devices, we rely on the initialization protocol of existing collective attestation schemes for sharing software configurations and symmetric keys between devices [8].

  2. It is not possible to provide accurate measurements of the energy consumption of HEALED since our FPGA implementations of SMART and TrustLite tend to consume considerably more energy than manufactured chips.

References

  1. Target attack shows danger of remotely accessible HVAC systems (2014). http://www.computerworld.com/article/2487452/cybercrime-hacking/target-attack-shows-danger-of-remotely-accessible-hvac-systems.html

  2. Jeep Hacking 101 (2015). http://spectrum.ieee.org/cars-that-think/transportation/systems/jeep-hacking-101

  3. Abera, T., et al.: C-FLAT: control-flow attestation for embedded systems software. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, CCS 2016, pp. 743–754. ACM, New York (2016). https://doi.org/10.1145/2976749.2978358

  4. Abera, T., et al.: Invited - things, trouble, trust: on building trust in IoT systems. In: Proceedings of the 53rd Annual Design Automation Conference, DAC 2016, pp. 121:1–121:6. ACM, New York (2016). https://doi.org/10.1145/2897937.2905020

  5. Ambrosin, M., Conti, M., Ibrahim, A., Neven, G., Sadeghi, A.R., Schunter, M.: SANA: secure and scalable aggregate network attestation. In: Proceedings of the 23rd ACM Conference on Computer & Communications Security, CCS 2016 (2016)

  6. ARM Limited: SSL library mbed TLS/polarssl (2016). https://tls.mbed.org/

  7. Armknecht, F., Sadeghi, A.R., Schulz, S., Wachsmann, C.: A security framework for the analysis and design of software attestation. In: ACM Conference on Computer and Communications Security (2013)

  8. Asokan, N., et al.: SEDA: scalable embedded device attestation. In: Proceedings of the 22nd ACM Conference on Computer & Communications Security, CCS 2015, pp. 964–975 (2015)

  9. Asokan, N., Nyman, T., Rattanavipanon, N., Sadeghi, A., Tsudik, G.: Assured: architecture for secure software update of realistic embedded devices. IEEE Trans. Comput. Aided Des. Integr. Circuits Syst. 37(11), 2290–2300 (2018)

  10. Botnet, M.: Website (2016). https://www.incapsula.com/blog/malware-analysis-mirai-ddos-botnet.html

  11. Dessouky, G., et al.: LO-FAT: low-overhead control flow attestation in hardware. In: 54th Design Automation Conference (DAC 2017), June 2017

  12. Eldefrawy, K., Tsudik, G., Francillon, A., Perito, D.: SMART: secure and minimal architecture for (establishing a dynamic) root of trust. In: Network and Distributed System Security Symposium (2012)

  13. Francillon, A., Nguyen, Q., Rasmussen, K.B., Tsudik, G.: A minimalist approach to remote attestation. In: Design, Automation & Test in Europe (2014)

  14. Gardner, R., Garera, S., Rubin, A.: Detecting code alteration by creating a temporary memory bottleneck. IEEE Trans. Inf. Forensics Secur. 4(4), 638–650 (2009)

  15. Ibrahim, A., Sadeghi, A.R., Tsudik, G.: DARPA: device attestation resilient against physical attacks. In: Proceedings of the 9th ACM Conference on Security and Privacy in Wireless and Mobile Networks, WiSec 2016 (2016)

  16. Ibrahim, A., Sadeghi, A.R., Tsudik, G.: US-AID: unattended scalable attestation of IoT devices. In: Proceedings of the 37th IEEE International Symposium on Reliable Distributed Systems, SRDS 2018 (2018)

  17. Kennell, R., Jamieson, L.H.: Establishing the genuinity of remote computer systems. In: USENIX Security Symposium (2003)

  18. Koeberl, P., Schulz, S., Sadeghi, A.R., Varadharajan, V.: TrustLite: a security architecture for tiny embedded devices. In: European Conference on Computer Systems (2014)

  19. Kovah, X., Kallenberg, C., Weathers, C., Herzog, A., Albin, M., Butterworth, J.: New results for timing-based attestation. In: IEEE Symposium on Security and Privacy, pp. 239–253 (2012)

  20. Li, Y., McCune, J.M., Perrig, A.: VIPER: verifying the integrity of peripherals’ firmware. In: ACM Conference on Computer and Communications Security (2011)

  21. McCune, J.M., et al.: TrustVisor: efficient TCB reduction and attestation. In: Proceedings of the 2010 IEEE Symposium on Security & Privacy, S&P 2010, pp. 143–158 (2010)

  22. McCune, J.M., Parno, B.J., Perrig, A., Reiter, M.K., Isozaki, H.: Flicker: an execution infrastructure for TCB minimization. SIGOPS Operating Syst. Rev. 42(4), 315–328 (2008)

  23. Merkle, R.C.: Protocols for public key cryptosystems. In: IEEE Symposium on Security and Privacy, pp. 122–134. IEEE Computer Society (1980). http://dblp.uni-trier.de/db/conf/sp/sp1980.html#Merkle80

  24. de Meulenaer, G., Gosset, F., Standaert, O.X., Pereira, O.: On the energy cost of communication and cryptography in wireless sensor networks. In: IEEE International Conference on Wireless and Mobile Computing (2008)

  25. OpenSim Ltd.: OMNeT++ discrete event simulator (2015). http://omnetpp.org/

  26. Perito, D., Tsudik, G.: Secure code update for embedded devices via proofs of secure erasure. In: Gritzalis, D., Preneel, B., Theoharidou, M. (eds.) ESORICS 2010. LNCS, vol. 6345, pp. 643–662. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-15497-3_39

  27. Petroni, Jr., N.L., Fraser, T., Molina, J., Arbaugh, W.A.: Copilot – a coprocessor-based kernel runtime integrity monitor. In: USENIX Security Symposium, pp. 13–13. USENIX Association (2004)

  28. Pietro, R.D., Ma, D., Soriente, C., Tsudik, G.: POSH: proactive co-operative self-healing in unattended wireless sensor networks. In: 2008 Symposium on Reliable Distributed Systems, October 2008, pp. 185–194 (2008)

  29. Sailer, R., Zhang, X., Jaeger, T., Van Doorn, L.: Design and implementation of a TCG-based integrity measurement architecture. In: Proceedings of the 13th USENIX Security Symposium, pp. 223–238 (2004)

  30. Samuel, J., Mathewson, N., Cappos, J., Dingledine, R.: Survivable key compromise in software update systems. In: Proceedings of the 17th ACM Conference on Computer and Communications Security, CCS 2010, pp. 61–72. ACM, New York (2010). https://doi.org/10.1145/1866307.1866315

  31. Schellekens, D., Wyseur, B., Preneel, B.: Remote attestation on legacy operating systems with trusted platform modules. Sci. Comput. Program. 74(1), 13–22 (2008)

  32. Seshadri, A., Perrig, A., van Doorn, L., Khosla, P.: SWATT: software-based attestation for embedded devices. In: IEEE Symposium on Security and Privacy (2004)

  33. Seshadri, A., Luk, M., Perrig, A., van Doorn, L., Khosla, P.: SCUBA: secure code update by attestation in sensor networks. In: ACM Workshop on Wireless Security (2006)

  34. Seshadri, A., Luk, M., Shi, E., Perrig, A., van Doorn, L., Khosla, P.: Pioneer: verifying code integrity and enforcing untampered code execution on legacy systems. In: ACM Symposium on Operating Systems Principles (2005)

  35. Trusted Computing Group (TCG): Website (2015). http://www.trustedcomputinggroup.org

  36. Vijayan, J.: Stuxnet renews power grid security concerns, June 2010. http://www.computerworld.com/article/2519574/security0/stuxnet-renews-power-grid-security-concerns.html

  37. Zeitouni, S., et al.: ATRIUM: runtime attestation resilient under memory attacks. In: 2017 International Conference on Computer Aided Design, ICCAD 2017, November 2017


Acknowledgements

We thank the anonymous reviewers and, in particular, Alvaro Cardenas for his constructive feedback. This research was co-funded by the German Science Foundation, as part of project S2 within CRC 1119 CROSSING, HWSec, and Intel Collaborative Research Institute for Collaborative Autonomous & Resilient Systems (ICRI-CARS). Gene Tsudik was supported in part by: (1) DHS under subcontract from HRL Laboratories, (2) ARO under contract W911NF-16-1-0536, and (3) NSF WiFiUS Program Award 1702911.

Corresponding author: Ahmad Ibrahim.

Copyright information

© 2019 International Financial Cryptography Association

Cite this paper

Ibrahim, A., Sadeghi, A.R., Tsudik, G. (2019). HEALED: HEaling & Attestation for Low-End Embedded Devices. In: Goldberg, I., Moore, T. (eds.) Financial Cryptography and Data Security. FC 2019. Lecture Notes in Computer Science, vol. 11598. Springer, Cham. https://doi.org/10.1007/978-3-030-32101-7_36

  • DOI: https://doi.org/10.1007/978-3-030-32101-7_36

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-32100-0

  • Online ISBN: 978-3-030-32101-7
