English
Related papers

Related papers: DIALED: Data Integrity Attestation for Low-end Emb…

200 papers

Data-Flow Integrity (DFI) is a well-known approach to effectively detecting a wide range of software attacks. However, its real-world application has been quite limited so far because of the prohibitive performance overhead it incurs.…

Hardware Architecture · Computer Science 2021-11-30 Lang Feng , Jiayi Huang , Jeff Huang , Jiang Hu

Micro-Controller Units (MCUs) are widely used in safety-critical systems, making them attractive targets for attacks. This calls for lightweight defenses that remain effective despite software compromise. Control Flow Auditing (CFAud) is…

Cryptography and Security · Computer Science 2026-03-03 Alexandra Lengert , Adam Ilyas Caulfield , Ivan De Oliveira Nunes

Modern society is getting accustomed to the Internet of Things (IoT) and Cyber-Physical Systems (CPS) for a variety of applications that involves security-critical user data and information transfers. In the lower end of the spectrum, these…

Cryptography and Security · Computer Science 2023-05-08 Avani Dave Nilanjan Banerjee Chintan Patel

Control Flow Attestation (CFA) allows remote verification of run-time software integrity in embedded systems. However, CFA is limited by the storage/transmission costs of generated control flow logs (CFlog). Recent work has proposed…

Cryptography and Security · Computer Science 2025-07-17 Liam Tyler , Adam Caulfield , Ivan De Oliveira Nunes

A major security challenge for modern Internet of Things (IoT) deployments is to ensure that the devices run legitimate firmware free from malware. This challenge can be addressed through a security primitive called attestation which allows…

Cryptography and Security · Computer Science 2022-01-31 Stefan Hristozov , Moritz Wettermann , Manuel Huber

Timing side-channel attacks exploit variations in program execution time to recover sensitive information. Cryptographic implementations are especially vulnerable to these attacks, since even small timing differences in operations such as…

Cryptography and Security · Computer Science 2026-04-21 Nges Brian Njungle , Edwin P. Kayang , Mishel J. Paul , Michel A. Kinsy

Deep learning-based vulnerability detection has shown great performance and, in some studies, outperformed static analysis tools. However, the highest-performing approaches use token-based transformer models, which are not the most…

Software Engineering · Computer Science 2023-10-03 Benjamin Steenhoek , Hongyang Gao , Wei Le

Modern society is increasingly surrounded by, and accustomed to, a wide range of Cyber-Physical Systems (CPS), Internet-of-Things (IoT), and smart devices. They often perform safety-critical functions, e.g., personal medical devices,…

Cryptography and Security · Computer Science 2020-01-14 Ivan De Oliveira Nunes , Karim Eldefrawy , Norrathep Rattanavipanon , Gene Tsudik

In this work, we take the first step towards formal verification of Remote Attestation (RA) by designing and verifying an architecture called VRASED: Verifiable Remote Attestation for Simple Embedded Devices. VRASED instantiates a hybrid…

Cryptography and Security · Computer Science 2019-05-28 Ivan De Oliveira Nunes , Karim Eldefrawy , Norrathep Rattanavipanon , Michael Steiner , Gene Tsudik

In contemporary Electronic Design Automation (EDA) tools, security often takes a backseat to the primary goals of power, performance, and area optimization. Commonly, the security analysis is conducted by hand, leading to vulnerabilities in…

Cryptography and Security · Computer Science 2024-02-07 Lennart M. Reimann , Anshul Prashar , Chiara Ghinami , Rebecca Pelke , Dominik Sisejkovic , Farhad Merchant , Rainer Leupers

Computing systems, including real-time embedded systems, are becoming increasingly connected to allow for more advanced and safer operation. Such embedded systems are resource-constrained, such as lower processing capabilities, as compared…

Cryptography and Security · Computer Science 2022-08-09 Tanmaya Mishra , Thidapat Chantem , Ryan Gerdes

Static data-flow analysis has proven its effectiveness in assessing security of applications. One major challenge it faces is scalability to large software. This issue is even exacerbated when additional limitations on computing and storage…

Software Engineering · Computer Science 2018-08-08 Mohamed Nassim Seghir

Modern software systems have become increasingly complex, which makes them difficult to test and validate. Detecting software partial anomalies in complex systems at runtime can assist with handling unintended software behaviors, avoiding…

Software Engineering · Computer Science 2022-04-27 Shiyi Kong , Jun Ai , Minyan Lu , Shuguang Wang , W. Eric Wong

Fault injection attacks (FIA) pose significant security threats to embedded systems as they exploit weaknesses across multiple layers, including system software, instruction set architecture (ISA), microarchitecture, and physical hardware.…

Cryptography and Security · Computer Science 2025-10-24 Arsalan Ali Malik , Harshvadan Mihir , Aydin Aysu

Fault attacks enable adversaries to manipulate the control-flow of security-critical applications. By inducing targeted faults into the CPU, the software's call graph can be escaped and the control-flow can be redirected to arbitrary…

Cryptography and Security · Computer Science 2023-03-27 Pascal Nasahl , Salmin Sultana , Hans Liljestrand , Karanvir Grewal , Michael LeMay , David M. Durham , David Schrammel , Stefan Mangard

With the rapidly evolving next-generation systems-of-systems, we face new security, resilience, and operational assurance challenges. In the face of the increasing attack landscape, it is necessary to cater to efficient mechanisms to verify…

Cryptography and Security · Computer Science 2021-07-13 Heini Bergsson Debes , Thanassis Giannetsos , Ioannis Krontiris

Dynamic Information Flow Tracking (DIFT) is a technique to track potential security vulnerabilities in software and hardware systems at run time. The last fifteen years have seen a lot of research work on DIFT, including both hardware-based…

Cryptography and Security · Computer Science 2019-11-14 Ali Jahanshahi

The inference phase of deep neural networks (DNNs) in embedded systems is increasingly vulnerable to fault attacks and failures, which can result in incorrect predictions. These vulnerabilities can potentially lead to catastrophic…

Cryptography and Security · Computer Science 2026-03-20 Kasra Ahmadi , Saeed Aghapour , Mehran Mozaffari Kermani , Reza Azarderakhsh

Remote attestation (RA) is a popular means of detecting malware in embedded and IoT devices. RA is usually realized as an interactive protocol, whereby a trusted party -- verifier -- measures integrity of a potentially compromised remote…

Cryptography and Security · Computer Science 2017-07-31 Xavier Carpent , Norrathep Rattanavipanon , Gene Tsudik

Interconnected embedded devices are increasingly used invarious scenarios, including industrial control, building automation, or emergency communication. As these systems commonly process sensitive information or perform safety critical…

Cryptography and Security · Computer Science 2017-01-30 Florian Kohnhäuser , Niklas Büscher , Sebastian Gabmeyer , Stefan Katzenbeisser