TyTAN: Tiny trust anchor for tiny devices

Embedded systems are at the core of many security-sensitive and safety-critical applications, including automotive, industrial control systems, and critical infrastructures. Existing protection mechanisms against (software-based) malware are inflexible, too complex, expensive, or do not meet real-time requirements. We present TyTAN, which, to the best of our knowledge, is the first security architecture for embedded systems that provides (1) hardware-assisted strong isolation of dynamically configurable tasks and (2) real-time guarantees. We implemented TyTAN on the Intel® Siskiyou Peak embedded platform and demonstrate its efficiency and effectiveness through extensive evaluation.

[1]  Shwetak N. Patel,et al.  Experimental Security Analysis of a Modern Automobile , 2010, 2010 IEEE Symposium on Security and Privacy.

[2]  David M. Nicol Hacking the lights out , 2011 .

[3]  Frank Piessens,et al.  Sancus: Low-cost Trustworthy Extensible Networked Devices with a Zero-software Trusted Computing Base , 2013, USENIX Security Symposium.

[4]  Johannes Winter,et al.  Trusted computing building blocks for embedded linux-based ARM trustzone platforms , 2008, STC '08.

[5]  Frank Piessens,et al.  Secure interrupts on low-end microcontrollers , 2014, 2014 IEEE 25th International Conference on Application-Specific Systems, Architectures and Processors.

[6]  Jonathan M. McCune,et al.  OASIS: on achieving a sanctuary for integrity and secrecy on untrusted platforms , 2013, CCS.

[7]  Vladimir Getov,et al.  Extreme-Scale Computing–Where 'Just More of the Same' Does Not Work , 2009, Computer.

[8]  Vijay Varadharajan,et al.  TrustLite: a security architecture for tiny embedded devices , 2014, EuroSys '14.

[9]  Adrian Perrig,et al.  VIPER: verifying the integrity of PERipherals' firmware , 2011, CCS '11.

[10]  Adrian Perrig,et al.  TrustVisor: Efficient TCB Reduction and Attestation , 2010, 2010 IEEE Symposium on Security and Privacy.

[11]  Aurélien Francillon,et al.  A Large-Scale Analysis of the Security of Embedded Firmwares , 2014, USENIX Security Symposium.

[12]  Frank Piessens,et al.  Efficient Isolation of Trusted Subsystems in Embedded Systems , 2010, SecureComm.

[13]  Elaine Shi,et al.  Pioneer: verifying code integrity and enforcing untampered code execution on legacy systems , 2005, SOSP '05.

[14]  Frederik Armknecht,et al.  A security framework for the analysis and design of software attestation , 2013, CCS.

[15]  Pradeep K. Khosla,et al.  SWATT: softWare-based attestation for embedded devices , 2004, IEEE Symposium on Security and Privacy, 2004. Proceedings. 2004.

[16]  Salvatore J. Stolfo,et al.  A quantitative analysis of the insecurity of embedded network devices: results of a wide-area scan , 2010, ACSAC '10.

[17]  Hovav Shacham,et al.  Comprehensive Experimental Analyses of Automotive Attack Surfaces , 2011, USENIX Security Symposium.

[18]  G. Edward Suh,et al.  AEGIS: architecture for tamper-evident and tamper-resistant processing , 2003, ICS.

[19]  Carlos V. Rozas,et al.  Innovative instructions and software model for isolated execution , 2013, HASP '13.

[20]  Jonathan M. McCune,et al.  Efficient TCB Reduction and Attestation , 2009 .

[21]  Leah H. Jamieson,et al.  Establishing the Genuinity of Remote Computer Systems , 2003, USENIX Security Symposium.

[22]  Gene Tsudik,et al.  SMART: Secure and Minimal Architecture for (Establishing Dynamic) Root of Trust , 2012, NDSS.

[23]  Ragunathan Rajkumar,et al.  Real-Time Operating Systems , 2004, Real-Time Systems.

[24]  Claude Castelluccia,et al.  Code injection attacks on harvard-architecture devices , 2008, CCS.