Visible to the public SIMPLE: A Remote Attestation Approach for Resource-constrained IoT devices

TitleSIMPLE: A Remote Attestation Approach for Resource-constrained IoT devices
Publication TypeConference Paper
Year of Publication2020
AuthorsAmmar, Mahmoud, Crispo, Bruno, Tsudik, Gene
Conference Name2020 ACM/IEEE 11th International Conference on Cyber-Physical Systems (ICCPS)
Date PublishedApril 2020
PublisherIEEE
ISBN Number978-1-7281-5501-2
Keywordsattestation, composability, Computer architecture, Hardware, Human Behavior, Malware, pubcrawl, Read only memory, reliability, resilience, Resiliency, security
Abstract

Remote Attestation (RA) is a security service that detects malware presence on remote IoT devices by verifying their software integrity by a trusted party (verifier). There are three main types of RA: software (SW)-, hardware (HW)-, and hybrid (SW/HW)-based. Hybrid techniques obtain secure RA with minimal hardware requirements imposed on the architectures of existing microcontrollers units (MCUs). In recent years, considerable attention has been devoted to hybrid techniques since prior software-based ones lack concrete security guarantees in a remote setting, while hardware-based approaches are too costly for low-end MCUs. However, one key problem is that many already deployed IoT devices neither satisfy minimal hardware requirements nor support hardware modifications, needed for hybrid RA. This paper bridges the gap between software-based and hybrid RA by proposing a novel RA scheme based on software virtualization. In particular, it proposes a new scheme, called SIMPLE, which meets the minimal hardware requirements needed for secure RA via reliable software. SIMPLE depends on a formally-verified software-based memory isolation technique, called Security MicroVisor (Sm V). Its reliability is achieved by extending the formally-verified safety and correctness properties to cover the entire software architecture of SIMPLE. Furthermore, SIMPLE is used to construct SIMPLE+, an efficient swarm attestation scheme for static and dynamic heterogeneous IoT networks. We implement and evaluate SIMPLE and SIMPLE+ on Atmel AVR architecture, a common MCU platform.

URLhttps://ieeexplore.ieee.org/document/9096052
DOI10.1109/ICCPS48487.2020.00036
Citation Keyammar_simple_2020