Biblio

Drones are increasingly being used as mobile data collectors for various monitoring services. However, since they may move around in unattended hostile areas with valuable data, they can be the targets of malicious physical/cyber attacks. These attacks may aim at stealing privacy-sensitive data, including secret keys, and eavesdropping on communications between the drones and the ground station. To detect tampered drones, a code attestation technique is required. However, since attestation itself does not guarantee that the data in the drones' memory are not leaked, data collected by the drones must be protected and secret keys for secure communications must not be leaked. In this paper, we present a solution integrating techniques for software-based attestation, data encryption and secret key protection. We propose an attestation technique that fills up free memory spaces with data repositories. Data repositories consist of pseudo-random numbers that are also used to encrypt collected data. We also propose a group attestation scheme to efficiently verify the software integrity of multiple drones. Finally, to prevent secret keys from being leaked, we utilize a technique that converts short secret keys into large look-up tables. This technique prevents attackers from abusing free space in the data memory by filling up the space with the look-up tables. To evaluate the integrated solution, we implemented it on AR.Drone and Raspberry Pi.

For industrial control systems, ensuring the software integrity of their devices is a key security requirement. A pure software-based attestation solution is highly desirable for protecting legacy field devices that lack hardware root of trust (e.g., Trusted Platform Module). However, for the large population of field devices with ARM processors, existing software-based attestation schemes either incur long attestation time or are insecure. In this paper, we design a novel memory stride technique that significantly reduces the attestation time while remaining secure against known attacks and their advanced variants on ARM platform. We analyze the scheme's security and performance based on the formal framework proposed by Armknecht et al. [7] (with a necessary change to ensure its applicability in practical settings). We also implement memory stride on two models of real-world power grid devices that are widely deployed today, and demonstrate its superior performance.