IIoTEED: An Enhanced, Trusted Execution Environment for Industrial IoT Edge Devices

With the advent of the Internet of Things (IoT), security has emerged as a major design goal for smart connected devices. This explosion in connectivity created a larger attack surface area. Software-based approaches have been applied for security purposes; however, these methods must be extended with security-oriented technologies that promote hardware as the root of trust. The ARM TrustZone can enable trusted execution environments (TEEs), but existing solutions disregard real-time needs. Here, the authors demonstrate why TrustZone is becoming a reference technology for securing IoT edge devices, and how enhanced TEEs can help meet industrial IoT applications real-time requirements.

[1]  Johannes Winter,et al.  The ANDIX research OS — ARM TrustZone meets industrial control systems security , 2015, 2015 IEEE 13th International Conference on Industrial Informatics (INDIN).

[2]  Ralph Langner,et al.  Stuxnet: Dissecting a Cyberwarfare Weapon , 2011, IEEE Security & Privacy.

[3]  Johannes Winter,et al.  Trusted computing building blocks for embedded linux-based ARM trustzone platforms , 2008, STC '08.

[4]  Jorge Pereira,et al.  Towards a lightweight embedded virtualization architecture exploiting ARM TrustZone , 2014, Proceedings of the 2014 IEEE Emerging Technology and Factory Automation (ETFA).

[5]  Johannes Winter,et al.  Hardware-security technologies for industrial IoT: TrustZone and security controller , 2015, IECON 2015 - 41st Annual Conference of the IEEE Industrial Electronics Society.

[6]  Hannes Tschofenig,et al.  Securing the Internet of Things: A Standardization Perspective , 2014, IEEE Internet of Things Journal.

[7]  Francois Armand,et al.  A Practical Look at Micro-Kernels and Virtual Machine Monitors , 2009, 2009 6th IEEE Consumer Communications and Networking Conference.

[8]  Ahmad-Reza Sadeghi,et al.  Security and privacy challenges in industrial Internet of Things , 2015, 2015 52nd ACM/EDAC/IEEE Design Automation Conference (DAC).

[9]  Brent Byunghoon Kang,et al.  SeCReT: Secure Channel between Rich Execution Environment and Trusted Execution Environment , 2015, NDSS.

[10]  Wu He,et al.  Internet of Things in Industries: A Survey , 2014, IEEE Transactions on Industrial Informatics.

[11]  Quan Chen,et al.  Hypervision Across Worlds: Real-time Kernel Protection from the ARM TrustZone Secure World , 2014, CCS.

[12]  Ivan Cibrario Bertolotti,et al.  Virtual machines for distributed real-time systems , 2009, Comput. Stand. Interfaces.

[13]  Peter Wilson,et al.  Implementing Embedded Security on Dual-Virtual-CPU Systems , 2007, IEEE Design & Test of Computers.