Embedded computing devices (such as actuators, controllers and sensors of various sizes) increasingly permeate many aspects of modern life: from medical to automotive, from building and factory automation to weapons, from critical infrastructures to home entertainment. Despite their specialized nature as well as limited resources and connectivity, these devices are now becoming an increasingly popular and attractive target for attacks, especially, malware infestations. A number of research proposals have been made to detect and/or mitigate such attacks. They vary greatly in terms of application generality and underlying assumptions. However, one common theme is the need for Remote Attestation, a distinct security service that allows a trusted party (verifier) to check the internal state of a remote untrusted embedded device (prover).
In this project, we stay clear of both efficient-but-limited software-based techniques and heavy-weight TPM-based approaches to attestation. We focus on the design space area that has not been previously explored by utilizing a software/hardware co-design approach to architect an attestation mechanism with minimal hardware requirements.
FUNDING:
Our research is, or has been, supported, in part, by funding from:
- Semiconductor Research Corporation (SRC), under contract 2019-TS-2907
- Department of Homeland Security, under subcontract from the HRL Laboratories (until 09/18)
- Army Research Office (ARO) under contract W911NF-16-1-0536
- National Science Foundation (NSF) WiFiUS Program Award #: 1702911
- National Security Agency (NSA), under contract H98230-15-1-0276 (until 12/16)
Copyright 2010, sprout.ics.uci.edu