EMMA: Hardware/Software Attestation Framework for Embedded Systems Using Electromagnetic Signals

Establishing trust for an execution environment is an important problem, and practical solutions for it rely on attestation, where an untrusted system (prover) computes a response to a challenge sent by the trusted system (verifier). The response typically is a checksum of the prover's program, which the verifier checks against expected values for a "clean" (trustworthy) system. The main challenge in attestation is that, in addition to checking the response, the verifier also needs to verify the integrity of the response computation. On higher-end processors, this integrity is verified cryptographically, using dedicated trusted hardware. On embedded systems, however, constraints prevent the use of such hardware support. Instead, a popular approach is to use the request-to-response time as a way to establish confidence. However, the overall request-to-response time provides only one coarse-grained measurement from which the integrity of the attestation is to be inferred, and even that is noisy because it includes the network latency and/or variations due to micro-architectural events. Thus, the attestation is vulnerable to attacks where the adversary has tampered with response computation, but the resulting additional computation time is small relative to the overall request-to-response time. In this paper, we make a key observation that execution-time measurement is only one example of using externally measurable side-channel information, and that other side-channels, some of which can provide much finer-grain information about the computation, can be used. As a proof of concept, we propose EMMA, a novel method for attestation that leverages electromagnetic side-channel signals that are emanated by the system during response computation, to confirm that the device has, upon receiving the challenge, actually computed the response using the valid program code for that computation. 
This new approach requires physical proximity, but imposes no overhead to the system, and provides accurate monitoring during the attestation. We implement EMMA on a popular embedded system, Arduino UNO, and evaluate our system with a wide range of attacks on attestation integrity. Our results show that EMMA can successfully detect these attacks with high accuracy. We compare our method with the existing methods and show how EMMA outperforms them in terms of security guarantees, scalability, and robustness.
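The timing weakness described in the abstract, as an added numerical illustration (not code from the paper): a verifier that accepts any response arriving under a time limit calibrated on clean runs, evaluated against a tampered computation that adds a small overhead. The 100 ms compute time, 2 ms overhead and both noise figures are constructed assumptions, and the low-noise case stands in for any finer-grained measurement; it does not model EMMA's EM signal processing.

```python
import random

# Constructed parameters (assumptions, not measurements from the paper).
COMPUTE_MS = 100.0        # time of the honest checksum computation
OVERHEAD_MS = 2.0         # extra time added by a tampered computation
NETWORK_JITTER_MS = 20.0  # noise on a request-to-response measurement
FINE_NOISE_MS = 0.2       # noise on a hypothetical finer-grained measurement


def calibrate_threshold(samples, quantile=0.99):
    """Accept limit taken from clean runs so about 1% of them are rejected."""
    ordered = sorted(samples)
    return ordered[int(quantile * (len(ordered) - 1))]


def measure(rng, overhead_ms, noise_ms):
    """One observed duration: compute time + overhead + one-sided noise."""
    return COMPUTE_MS + overhead_ms + abs(rng.gauss(0.0, noise_ms))


def miss_rate(overhead_ms, noise_ms, trials=5000, seed=1):
    """Fraction of tampered runs that still pass the clean-run time limit."""
    rng = random.Random(seed)
    clean = [measure(rng, 0.0, noise_ms) for _ in range(trials)]
    limit = calibrate_threshold(clean)
    tampered = [measure(rng, overhead_ms, noise_ms) for _ in range(trials)]
    return sum(t <= limit for t in tampered) / trials


if __name__ == "__main__":
    coarse = miss_rate(OVERHEAD_MS, NETWORK_JITTER_MS)
    fine = miss_rate(OVERHEAD_MS, FINE_NOISE_MS)
    print(f"missed with network jitter: {coarse:.1%}")
    print(f"missed with low-noise measurement: {fine:.1%}")
```

With the same 1% false-reject budget, the limit calibrated under network jitter sits far above the tampered run's extra 2 ms, so nearly all tampered runs pass; the low-noise measurement rejects all of them.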

[1]  Somayeh Sardashti,et al.  The gem5 simulator , 2011, CARN.

[2]  David Lie,et al.  Unicorn: two-factor attestation for data security , 2011, CCS '11.

[3]  Elaine Shi,et al.  Pioneer: verifying code integrity and enforcing untampered code execution on legacy systems , 2005, SOSP '05.

[4]  Ryan W. Gardner,et al.  Detecting Code Alteration by Creating a Temporary Memory Bottleneck , 2009, IEEE Transactions on Information Forensics and Security.

[5]  Ahmad-Reza Sadeghi,et al.  PUFatt: Embedded platform attestation based on novel processor-based PUFs , 2014, 2014 51st ACM/EDAC/IEEE Design Automation Conference (DAC).

[6]  Gene Tsudik,et al.  VRASED: A Verified Hardware/Software Co-Design for Remote Attestation , 2019, USENIX Security Symposium.

[7]  Wenyuan Xu,et al.  WattsUpDoc: Power Side Channels to Nonintrusively Discover Untargeted Malware on Embedded Medical Devices , 2013, HealthTech.

[8]  Xiaoyun Wang,et al.  Finding Collisions in the Full SHA-1 , 2005, CRYPTO.

[9]  Ahmad-Reza Sadeghi,et al.  LiteHAX: Lightweight Hardware-Assisted Attestation of Program Execution , 2018, 2018 IEEE/ACM International Conference on Computer-Aided Design (ICCAD).

[10]  L. V. Doorn,et al.  SCUBA: Secure Code Update By Attestation in sensor networks , 2006, WiSe '06.

[11]  Wenyuan Xu,et al.  On Code Execution Tracking via Power Side-Channel , 2016, CCS.

[12]  Milos Prvulovic,et al.  Syndrome: Spectral analysis for anomaly detection on medical IoT and embedded devices , 2018, 2018 IEEE International Symposium on Hardware Oriented Security and Trust (HOST).

[13]  Ahmad-Reza Sadeghi,et al.  Remote attestation for low-end embedded devices: The prover's perspective , 2016, 2016 53nd ACM/EDAC/IEEE Design Automation Conference (DAC).

[14]  Binbin Chen,et al.  Secure and Efficient Software-based Attestation for Industrial Control Devices with ARM Processors , 2017, ACSAC.

[15]  Keith Mayes,et al.  The B-Side of Side Channel Leakage: Control Flow Security in Embedded Systems , 2013, SecureComm.

[16]  Frederik Armknecht,et al.  A security framework for the analysis and design of software attestation , 2013, CCS.

[17]  Gene Tsudik,et al.  ERASMUS: Efficient remote attestation via self-measurement for unattended settings , 2018, 2018 Design, Automation & Test in Europe Conference & Exhibition (DATE).

[18]  Hua Liu,et al.  Watch Me, but Don't Touch Me! Contactless Control Flow Monitoring via Electromagnetic Emanations , 2017, CCS.

[19]  Milos Prvulovic,et al.  Spectral profiling: Observer-effect-free profiling by monitoring EM emanations , 2016, 2016 49th Annual IEEE/ACM International Symposium on Microarchitecture (MICRO).

[20]  Adrian Perrig,et al.  VIPER: verifying the integrity of PERipherals' firmware , 2011, CCS '11.

[21]  Ahmad-Reza Sadeghi,et al.  C-FLAT: Control-Flow Attestation for Embedded Systems Software , 2016, CCS.

[22]  Pradeep K. Khosla,et al.  SWATT: softWare-based attestation for embedded devices , 2004, IEEE Symposium on Security and Privacy, 2004. Proceedings. 2004.

[23]  Xeno Kovah,et al.  New Results for Timing-Based Attestation , 2012, 2012 IEEE Symposium on Security and Privacy.

[24]  Haider Adnan Khan,et al.  Malware Detection in Embedded Systems Using Neural Network Model for Electromagnetic Side-Channel Signals , 2019, Journal of Hardware and Systems Security.

[25]  James Newsome,et al.  CARMA: a hardware tamper-resistant isolated execution environment on commodity x86 platforms , 2012, ASIACCS '12.

[26]  Hovav Shacham,et al.  The geometry of innocent flesh on the bone: return-into-libc without function calls (on the x86) , 2007, CCS '07.

[27]  Alessandro Orso,et al.  Zero-overhead profiling via EM emanations , 2016, ISSTA.

[28]  Jeffrey H. Reed,et al.  Power fingerprinting in SDR integrity assessment for security and regulatory compliance , 2011 .

[29]  Avesta Sasan,et al.  Ensemble Learning for Effective Run-Time Hardware-Based Malware Detection: A Comprehensive Analysis and Classification , 2018, 2018 55th ACM/ESDA/IEEE Design Automation Conference (DAC).

[30]  Karim Eldefrawy SMART: Secure and Minimal Architecture for (Establishing a Dynamic) Root of Trust , 2012, NDSS 2012.

[31]  Sencun Zhu,et al.  Distributed Software-based Attestation for Node Compromise Detection in Sensor Networks , 2007, 2007 26th IEEE International Symposium on Reliable Distributed Systems (SRDS 2007).

[32]  Li Li,et al.  Practical Analysis Framework for Software-Based Attestation Scheme , 2014, ICFEM.

[33]  Adrian Perrig,et al.  SAKE: Software attestation for key establishment in sensor networks , 2008, Ad Hoc Networks.

[34]  Ahmad-Reza Sadeghi,et al.  LO-FAT: Low-Overhead control Flow ATtestation in hardware , 2017, 2017 54th ACM/EDAC/IEEE Design Automation Conference (DAC).

[35]  Johannes Götzfried,et al.  SOFIA: Software and control flow integrity architecture , 2016, 2016 Design, Automation & Test in Europe Conference & Exhibition (DATE).

[36]  Leah H. Jamieson,et al.  Establishing the Genuinity of Remote Computer Systems , 2003, USENIX Security Symposium.

[37]  Gene Tsudik,et al.  Lightweight Swarm Attestation: A Tale of Two LISA-s , 2017, AsiaCCS.

[38]  Milos Prvulovic,et al.  EDDIE: EM-based detection of deviations in program execution , 2017, 2017 ACM/IEEE 44th Annual International Symposium on Computer Architecture (ISCA).

[39]  Ruby B. Lee,et al.  CloudMonatt: An architecture for security health monitoring and attestation of virtual machines in cloud computing , 2015, 2015 ACM/IEEE 42nd Annual International Symposium on Computer Architecture (ISCA).

[40]  Vijay Varadharajan,et al.  TrustLite: a security architecture for tiny embedded devices , 2014, EuroSys '14.

[41]  Srinivas Devadas,et al.  Intel SGX Explained , 2016, IACR Cryptol. ePrint Arch..

[42]  Adi Shamir,et al.  New Cryptographic Primitives Based on Multiword T-Functions , 2004, FSE.

[43]  Dengguo Feng,et al.  Collisions for Hash Functions MD4, MD5, HAVAL-128 and RIPEMD , 2004, IACR Cryptol. ePrint Arch..

[44]  Christof Paar,et al.  Building a Side Channel Based Disassembler , 2010, Trans. Comput. Sci..

[45]  Claudio Soriente,et al.  On the difficulty of software-based attestation of embedded devices , 2009, CCS.