Visible to the public Secure and Efficient Software-Based Attestation for Industrial Control Devices with ARM Processors

TitleSecure and Efficient Software-Based Attestation for Industrial Control Devices with ARM Processors
Publication TypeConference Paper
Year of Publication2017
AuthorsChen, Binbin, Dong, Xinshu, Bai, Guangdong, Jauhar, Sumeet, Cheng, Yueqiang
Conference NameProceedings of the 33rd Annual Computer Security Applications Conference
PublisherACM
Conference LocationNew York, NY, USA
ISBN Number978-1-4503-5345-8
KeywordsARM processors, composability, industrial control devices, memory stride, pubcrawl, Resiliency, software-based attestation, trusted platform modules
Abstract

For industrial control systems, ensuring the software integrity of their devices is a key security requirement. A pure software-based attestation solution is highly desirable for protecting legacy field devices that lack hardware root of trust (e.g., Trusted Platform Module). However, for the large population of field devices with ARM processors, existing software-based attestation schemes either incur long attestation time or are insecure. In this paper, we design a novel memory stride technique that significantly reduces the attestation time while remaining secure against known attacks and their advanced variants on ARM platform. We analyze the scheme's security and performance based on the formal framework proposed by Armknecht et al. [7] (with a necessary change to ensure its applicability in practical settings). We also implement memory stride on two models of real-world power grid devices that are widely deployed today, and demonstrate its superior performance.

URLhttps://dl.acm.org/citation.cfm?doid=3134600.3134621
DOI10.1145/3134600.3134621
Citation Keychen_secure_2017