RPC Based Framework for Partitioning IoT Security Software for Trusted Execution Environments

Partitioning security components of IoT devices to enable the use of Trusted Execution Environments adds resilience against side-channel attacks. Devices are hardened against extraction of sensitive information, but at the same time additional effort must be spent for the integration of the TEE and software partitioning. To perform partitioning, the developer typically inserts Remote Procedure Calls into the software. Existing RPC-based solutions require the developer to write Interface Definition Language files to generate RPC stubs. In this work, we present an RPC-based framework that supports software partitioning via a graphical user interface. The framework extracts required information about the interfaces from source-code header files to eliminate the need for IDL files. With this approach the TEE integration time is reduced and reuse of existing libraries is supported. We evaluate a Proof-of-Concept by partitioning a TLS library for IoT devices and compare our approach to other RPC-based solutions.

[1]  Erik H. D'Hollander,et al.  Calling hardware procedures in a reconfigurable accelerator using RPC-FPGA , 2017, 2017 International Conference on Field Programmable Technology (ICFPT).

[2]  Weiwei Fang,et al.  Research and application of trusted computing platform based on portable TPM , 2009, 2009 2nd IEEE International Conference on Computer Science and Information Technology.

[3]  Phillip B. Gibbons A Stub Generator for Multilanguage RPC in Heterogeneous Environments , 1987, IEEE Transactions on Software Engineering.

[4]  Daniel Cordeiro,et al.  Comparing REST, SOAP, Socket and gRPC in computation offloading of mobile applications: An energy cost analysis , 2017, 2017 IEEE 9th Latin-American Conference on Communications (LATINCOM).

[5]  Johannes Winter,et al.  Hardware-security technologies for industrial IoT: TrustZone and security controller , 2015, IECON 2015 - 41st Annual Conference of the IEEE Industrial Electronics Society.

[6]  Yuval Yarom,et al.  Another Flip in the Wall of Rowhammer Defenses , 2017, 2018 IEEE Symposium on Security and Privacy (SP).

[7]  Xiaodong Lin,et al.  One Secure Access Scheme Based on Trusted Execution Environment , 2018, 2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/ 12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE).

[8]  Alexander Marsalek,et al.  Emulating U2F authenticator devices , 2016, 2016 IEEE Conference on Communications and Network Security (CNS).