IoTrust - a HW/SW framework supporting security core baseline features for IoT
Mateusz Korona, Bartosz Zabołotny, Fryderyk Kozioł, Mateusz Biernacki, Radosław Giermakowski, Paweł Rurka, Marta Chmiel, Mariusz Rawski
DOI: http://dx.doi.org/10.15439/2023F6946
Citation: Proceedings of the 18th Conference on Computer Science and Intelligence Systems, M. Ganzha, L. Maciaszek, M. Paprzycki, D. Ślęzak (eds). ACSIS, Vol. 35, pages 1029–1034 (2023)
Abstract. The rapid growth of the Internet of Things has significant security implications. In the current IoT security landscape, many institutions and entities are defining security requirements, but no industry-wide standard has been agreed upon. There are solutions in the present state of the art that fulfill a subset of secure IoT device requirements, but none adheres to all of them. However, the existing technologies introduced by those solutions could be combined to create a design framework which provides security baseline features to support the requirements of a secure IoT device. In this paper, a configurable and comprehensive hardware-software security framework is proposed that, when applied in the process of designing Systems on Chip for IoT, will ensure their cybersecurity by providing security core baseline features. The proposed solution is CPU-agnostic, in the sense that no assumptions are made about the CPU's support for privilege levels, memory protection schemes, or any security mechanisms.