Related papers: Formally Verified Hardware/Software Co-Design for …
Remote Attestation (RA) allows a trusted entity (verifier) to securely measure internal state of a remote untrusted hardware platform (prover). RA can be used to establish a static or dynamic root of trust in embedded and cyber-physical…
Widespread adoption and growing popularity of embedded/IoT/CPS devices make them attractive attack targets. On low-to-mid-range devices, security features are typically few or none due to various constraints. Such devices are thus subject…
Modern society is increasingly surrounded by, and accustomed to, a wide range of Cyber-Physical Systems (CPS), Internet-of-Things (IoT), and smart devices. They often perform safety-critical functions, e.g., personal medical devices,…
The Internet of Things (IoT) is an emerging paradigm that allows to set large networks of small and independent devices. To ensure their integrity, practitioners employ so-called Remote Attestation (RA) schemes. Classic RA schemes require a…
Remote attestation (RA) is a popular means of detecting malware in embedded and IoT devices. RA is usually realized as an interactive protocol, whereby a trusted party -- verifier -- measures integrity of a potentially compromised remote…
With the increased utilization, the small embedded and IoT devices have become an attractive target for sophisticated attacks that can exploit the devices security critical information and data in malevolent activities. Secure boot and…
With the rising number of IoT devices, the security of such devices becomes increasingly important. Remote attestation (RA) is a distinct security service that allows a remote verifer to reason about the state of an untrusted remote prover…
The growing pervasiveness of Internet of Things (IoT) expands the attack surface by connecting more and more attractive attack targets, i.e. embedded devices, to the Internet. One key component in securing these devices is software…
Trusted Execution Environments (TEEs), such as Intel Software Guard Extensions (SGX), ensure the confidentiality and integrity of user applications when using cloud computing resources. However, in the multi-party cloud computing scenario,…
Remote attestation (RA) is the foundation for trusted execution environments in the cloud and trusted device driver onboarding in operating systems. However, RA misses a rigorous mechanized definition of its security properties in one of…
To keep a system secure, all devices in the system need to be benign. To avoid malicious and/or compromised devices, network access control such as authentication using a credential and remote attestation based on trusted hardware has been…
Modern society is getting accustomed to the Internet of Things (IoT) and Cyber-Physical Systems (CPS) for a variety of applications that involves security-critical user data and information transfers. In the lower end of the spectrum, these…
Verifying integrity of software execution in low-end micro-controller units (MCUs) is a well-known open problem. The central challenge is how to securely detect software exploits with minimal overhead, since these MCUs are designed for low…
Guaranteeing runtime integrity of embedded system software is an open problem. Trade-offs between security and other priorities (e.g., cost or performance) are inherent, and resolving them is both challenging and important. The…
Remote attestation schemes have been utilized for assuring the integrity of a network node to a remote verifier. In recent years, a number of remote attestation schemes have been proposed for various contexts such as cloud computing,…
The introduction of remote attestation (RA) schemes has allowed academia and industry to enhance the security of their systems. The commercial products currently available enable only the validation of static properties, such as…
The current verification flow of complex systems uses different engines synergistically: virtual prototyping, formal verification, simulation, emulation and FPGA prototyping. However, none is able to verify a complete architecture.…
With the rapidly evolving next-generation systems-of-systems, we face new security, resilience, and operational assurance challenges. In the face of the increasing attack landscape, it is necessary to cater to efficient mechanisms to verify…
Recently, secure in-network aggregation in wireless sensor networks becomes a challenge issue, there is an extensive research on this area due to the large number of applications where the sensors are deployed and the security needs. In the…
Low-end embedded devices are increasingly used in various smart applications and spaces. They are implemented under strict cost and energy budgets, using microcontroller units (MCUs) that lack security features available in general-purpose…