Remote Attestation for Embedded Systems

Markku Kylänpää (Corresponding author), Aarne Rantala

    Research output: Chapter in Book/Report/Conference proceeding › Conference article in proceedings › Scientific › peer-review

    2 Citations (Scopus)

    Abstract

    Large distributed systems, like Industrial Control Systems, should be able to verify that devices that are connected to trusted entities are real authorized network nodes running unmodified firmware. Remote attestation is a mechanism that can provide limited confidence in device identity and integrity. Remote attestation allows a remote verifier, e.g. a service provider, to verify the integrity of the connecting system before providing a service. The current standard practice in remote attestation, defined by the Trusted Computing Group (TCG), is based on integrity measurements whose results are stored in an isolated trusted component called the Trusted Platform Module (TPM) inside the system to be attested. A proof-of-concept scenario implementing similar functionality using an ARM processor secure environment is discussed. The implementation is done using an ARM processor emulator which includes emulation for the ARM TrustZone Trusted Execution Environment (TEE), providing isolated trusted component functionality. Challenges and security issues of the chosen approach are discussed.
    Original language: English
    Title of host publication: Security of Industrial Control Systems and Cyber Physical Systems
    Subtitle of host publication: CyberICS 2015, WOS-CPS 2015
    Publisher: Springer
    Number of pages: 15
    ISBN (Electronic): 978-3-319-40385-4
    ISBN (Print): 978-3-319-40384-7
    DOIs: https://doi.org/10.1007/978-3-319-40385-4_6
    Publication status: Published - 2015
    MoE publication type: A4 Article in a conference publication
    Event: Conference on Cybersecurity of Industrial Control Systems, Workshop on the Security of Cyber Physical Systems, CyberICS 2015, WOS-CPS 2015 - Vienna, Austria
    Duration: 21 Sep 2015 to 22 Sep 2015

    Publication series

    Series: Lecture Notes in Computer Science
    Volume: 9588

    Conference

    Conference: Conference on Cybersecurity of Industrial Control Systems, Workshop on the Security of Cyber Physical Systems, CyberICS 2015, WOS-CPS 2015
    Abbreviated title: CyberICS 2015, WOS-CPS 2015
    Country: Austria
    City: Vienna
    Period: 21/09/15 to 22/09/15

    Keywords

    • embedded systems
    • industrial control systems
    • internet of things
    • cyber-physical systems
    • security
    • attestation
    • trusted execution environment


  • Cite this

    Kylänpää, M., & Rantala, A. (2015). Remote Attestation for Embedded Systems. In Security of Industrial Control Systems and Cyber Physical Systems: CyberICS 2015, WOS-CPS 2015. Springer. Lecture Notes in Computer Science, Vol. 9588. https://doi.org/10.1007/978-3-319-40385-4_6