Abstract
Large distributed systems, like Industrial Control Systems, should be able to verify that devices that are connected to trusted entities are real authorized network nodes running unmodified firmware. Remote attestation is a mechanism that can provide limited confidence of device identity and integrity. Remote attestation allows a remote verifier, e.g. a service provider, to verify integrity of the connecting system before providing a service. The current standard practice in remote attestation, defined by the Trusted Computing Group (TCG), is based on integrity measurements whose results are stored into an isolated trusted component called Trusted Platform Module (TPM) inside the system to be attested. The proof-of-concept scenario implementing similar functionality using an ARM processor secure environment is discussed. The implementation is done using ARM processor emulator which includes emulation for ARM TrustZone Trusted Execution Environment (TEE) providing isolated trusted component functionality. Challenges and security issues of the chosen approach are discussed.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Kushner, D.: The real story of stuxnet. Spectr. IEEE 50(3), 48–53 (2013). doi:10.1109/MSPEC.2013.6471059
Trusted Computing Group: Trusted Platform Module (TPM) Specifications. http://www.trustedcomputinggroup.org/resources/tpm_main_specification
Sailer, R., Zhang, X., Jaeger, T., van Doorn, L.: Design and implementation of TCG-based integrity measurement architecture. In: Proceedings of the 13th USENIX Security Symposium, San Diego, CA, USA, August 2004
Trusted Computing Group: TPM 2.0 Mobile Reference Architecture Specification. http://www.trustedcomputinggroup.org/resources/tpm_20_mobile_reference_architecture_specification
ARM Ltd: TrustZone. www.arm.com/products/processors/technologies/trustzone/index.php
Coker, G., Guttman, J., Loscocco, P., Herzog, A., Millen, J., O’Hanlon, B., Ramsdell, J., Segall, A., Sheehy, J., Brian Sniffen, B.: Principles of remote attestation. Int. J. Inf. Secur. 10(2), 63–81 (2011). doi:10.1007/s10207-011-0124-7
Asokan, N., Ekberg, J.-E., Kostiainen, K., Rajan, A., Rozas, C., Sadeghi, A.-R., Schulz, S., Wachsmann, C.: Mobile trusted computing. Proc. IEEE 102(8), 1189–1206 (2014)
Kennell, R., Jamieson, L.H.: Establishing the genuinity of remote computer systems. In: Proceedings of the 12th USENIX Security Symposium, Washington D.C., USA, August 2003
Seshadri, A., Perrig, A., van Doorn, L., Khosla, P.: SWATT: softWare-based attestation for embedded devices. In: 2004 IEEE Symposium on Security and Privacy, Proceedings, pp. 272–282, 9–12 May 2004. doi:10.1109/SECPRI.2004.1301329
Seshadri, A., Luk, M., Shi, E., Perrig, A., van Doorn, L., Khosla, P.: Pioneer: verifying integrity and guaranteeing execution of code on legacy platforms. In: Proceedings of ACM Symposium on Operating Systems Principles (SOSP) (2005)
Martignoni, L., Paleari, R., Bruschi, D.: Conqueror: tamper-proof code execution on legacy systems. In: Kreibich, C., Jahnke, M. (eds.) DIMVA 2010. LNCS, vol. 6201, pp. 21–40. Springer, Heidelberg (2010)
Shankar, U., Chew, M., Tygar, J.D.: Side effects are not sufficient to authenticate software. In: Proceedings of the 13th Conference on USENIX Security Symposium, San Diego, CA, USA, August 2004
Castelluccia, C., Francillon, A., Perito, D., Soriente, C.: On the difficulty of software-based attestation of embedded devices. In: Proceedings of the 16th ACM Conference on Computer and Communications Security (CCS 2009), pp. 400–409. ACM, New York, NY, USA (2009). doi:10.1145/1653662.165371
Sadeghi, A.-R., Stüble, C: Property-based attestation for computing platforms: caring about properties, not mechanisms. In: Proceedings of the 2004 Workshop on New Security Paradigms (NSPW 2004), pp. 67–77. ACM, New York, NY, USA (2004). doi:10.1145/1065907.1066038
Kühn, U., Selhorst, M., Stüble, C.: Realizing property-based attestation and sealing with commonly available hard- and software. In: Proceedings of the STC 2007, ACM Workshop on Scalable Trusted Computing (2007)
Nagarajan, A., Varadharajan, V., Hitchens, M., Gallery, E.: Property based attestation and trusted computing: analysis and challenges. In: Proceedings of the NSS 2009, Network and System Security (2009)
Chen, L., Löhr, H., Manulis, M., Sadeghi, A.-R.: Property-based attestation without a trusted third party. In: Wu, T.-C., Lei, C.-L., Rijmen, V., Lee, D.-T. (eds.) ISC 2008. LNCS, vol. 5222, pp. 31–46. Springer, Heidelberg (2008)
Kostiainen, K., Asokan, N., Ekberg, J.-E.: Practical property-based attestation on mobile devices. In: McCune, J.M., Balacheff, B., Perrig, A., Sadeghi, A.-R., Sasse, A., Beres, Y. (eds.) Trust 2011. LNCS, vol. 6740, pp. 78–92. Springer, Heidelberg (2011)
Azab, A.M., Ning, P., Sezer, E.C., Zhang, X.: HIMA: a hypervisor-based integrity measurement agent. In: Proceedings of the 25th Annual Computer Security Applications Conference (ACSAC 2009), Honolulu, Hawaii, USA, December 2009
Stelte, B., Kock, R., Ullman, M.: Towards integrity measurement in virtualized environments – a hypervisor based sensory integrity measurement architecture (SIMA). In: Proceedings of the 2007 IEEE Conference on Technologies for Homeland Security, Woburn, MA, USA (2007)
Pardo-Castellote, G., Lang, U.: Trusted remote attestation for secure embedded systems, 04 March 2013, Embedded.com
Francillon, A., Nguyen, Q., Rasmussen, K.B., Tsudik, G.: A minimalist approach to remote attestation. In: Proceedings of the Conference on Design, Automation and Test in Europe (DATE 2014), Article 244, 6 p. European Design and Automation Association, 3001 Leuven, Belgium (2014)
Francilloin, A., Nguyen, Q., Rasmussen, K.B., Tsudik, G.: Systematic treatment of remote attestation. IACR Cryptology ePrint Arch. Article no. 2012, p. 713 (2012)
Eldefrawy, K., Tsudik, G., Francillon, A.: SMART: secure and minimal architecture for (establishing dynamic) root of trust. In: NDSS (2012)
Noorman, J., Agten, P., Daniels, W., Strackx, R., van Herrewege, A., Huygens, C., Preneel, B., Verbauwhede, I., Piessens, F.: Sancus: low-cost trustworthy extensible networked device with a zero-software trusted computing base. In: Proceeding SEC 2013 Proceedings of the 22nd USENIX Conference on Security, pp. 479–494. USENIX Association Berkeley, CA, USA (2013)
MSP Low-Power Microcontrollers, Texas Instruments. http://www.ti.com/lit/sg/slab034ab/slab034ab.pdf
The OpenCores Project. http://opencores.org/
Koeberl, P., Schulz, S., Sadeghi, A.-R., Varadharajan, V.: TrustLite: a security architecture for tiny embedded devices. In: Proceeding EuroSys 2014 Proceedings of the Ninth European Conference on Computer Systems (2014)
Brasser, F., Koebert, P., El Mahjoub, B., Sadeghi, A.-R., Wachsmann, C.: TyTAN: tiny trust anchor for tiny devices. In: 52nd Design Automation Conference (DAC) 2015, June 2015
Trusted Computing Group: TPM MOBILE with Trusted Execution Environment for Comprehensive Mobile Device Security, White paper, June 2012. http://www.trustedcomputinggroup.org/files/static_page_files/5999C3C1-1A4B-B294-D0BC20183757815E/TPM%20MOBILE%20with%20Trusted%20Execution%20Environment%20for%20Comprehensive%20Mobile%20Device%20Security.pdf
Nauman, M., Khan, S., Zhang, X., Seifert, J.-P.: Beyond kernel-level integrity measurement: enabling remote attestation for the android platform. In: Acquisti, A., Smith, S.W., Sadeghi, A.-R. (eds.) TRUST 2010. LNCS, vol. 6101, pp. 1–15. Springer, Heidelberg (2010)
Trusted Computing Group: TCG Attestation PTS Protocol: Binding TNC IF-M, Specification Version 1.0, Revision 28, 24 August 2011
Trusted Computing Group: TNC Architecture for Interoperability, v1.3 (2008)
Freescale: Security Reference Manual for i.MX 6Dual, 6Quad, 6Solo, and 6DualLite Families of Application Processors, Document Number: IMX6DQ6SDLSRM, Rev. 0, March 2013
Safford, D., Kasatkin, D., Zohar, M., Sailer, R., Hallyn, S.: Integrity Measurement Architecture (IMA). http://sourceforge.net/p/linux-ima/wiki/Home/
Bech, J.: LCU14-103: How to create and run Trusted Applications on OP-TEE, Linaro, September 2014. http://www.slideshare.net/linaroorg/lcu14103-how-to-create-and-run-trusted-applications-on-optee
Unified Extensible Firmware Interface Forum: Home page. http://www.uefi.org
ARM: ARM Trusted Firmware, source code. https://github.com/ARM-software/arm-trusted-firmware
Linaro: OP-TEE, web page. https://wiki.linaro.org/WorkingGroups/Security/OP-TEE
OpenEmbedded: OpenEmbedded Linux distribution home page, web page. http://www.openembedded.org/wiki/Main_Page
ARM: ARM®v8 Foundation Model User Guide, Version: 1.0 (2013). http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.dui0677b/index.html
Global Platform: Global Platform Specifications, web page. http://www.globalplatform.org/specificationsdevice.asp
Guttman, P.: Everything you Never Wanted to Know about PKI but were Forced to Find Out, University of Auckland. https://www.cs.auckland.ac.nz/~pgut001/pubs/pkitutorial.pdf
Acknowledgements
The work presented here has been carried out in two research projects launched by the Finnish Strategic Centre for Science, Technology and Innovation Digile Ltd.: the IoT Program (2012–2015) and CyberTrust (2015).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2016 Springer International Publishing Switzerland
About this paper
Cite this paper
Kylänpää, M., Rantala, A. (2016). Remote Attestation for Embedded Systems. In: Bécue, A., Cuppens-Boulahia, N., Cuppens, F., Katsikas, S., Lambrinoudakis, C. (eds) Security of Industrial Control Systems and Cyber Physical Systems. CyberICS WOS-CPS 2015 2015. Lecture Notes in Computer Science(), vol 9588. Springer, Cham. https://doi.org/10.1007/978-3-319-40385-4_6
Download citation
DOI: https://doi.org/10.1007/978-3-319-40385-4_6
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-40384-7
Online ISBN: 978-3-319-40385-4
eBook Packages: Computer ScienceComputer Science (R0)