English
Related papers

Related papers: CASU: Compromise Avoidance via Secure Update for L…

200 papers

OS compromise is one of the most serious computer security problems today, but still not being resolved. Although people proposed different kinds of methods, they could not be accepted by most users who are non-expert due to the lack of…

Operating Systems · Computer Science 2016-09-06 Zhiyong Shan

Secure firmware update is an important stage in the IoT device life-cycle. Prior techniques, designed for other computational settings, are not readily suitable for IoT devices, since they do not consider idiosyncrasies of a realistic…

Cryptography and Security · Computer Science 2018-10-19 N. Asokan , Thomas Nyman , Norrathep Rattanavipanon , Ahmad-Reza Sadeghi , Gene Tsudik

Run Time Assurance (RTA) Systems are online verification mechanisms that filter an unverified primary controller output to ensure system safety. The primary control may come from a human operator, an advanced control approach, or an…

Systems and Control · Electrical Eng. & Systems 2023-03-28 Kerianne Hobbs , Mark Mote , Matthew Abate , Samuel Coogan , Eric Feron

Control Flow Attestation (CFA) offers a means to detect control flow hijacking attacks on remote devices, enabling verification of their runtime trustworthiness. CFA generates a trace (CFLog) containing the destination of all branching…

Cryptography and Security · Computer Science 2024-10-01 Adam Caulfield , Antonio Joia Neto , Norrathep Rattanavipanon , Ivan De Oliveira Nunes

Remote attestation is a crucial security service particularly relevant to increasingly popular IoT (and other embedded) devices. It allows a trusted party (verifier) to learn the state of a remote, and potentially malware-infected, device…

Cryptography and Security · Computer Science 2016-08-18 Tigist Abera , N. Asokan , Lucas Davi , Jan-Erik Ekberg , Thomas Nyman , Andrew Paverd , Ahmad-Reza Sadeghi , Gene Tsudik

With the increased utilization, the small embedded and IoT devices have become an attractive target for sophisticated attacks that can exploit the devices security critical information and data in malevolent activities. Secure boot and…

Cryptography and Security · Computer Science 2023-04-25 Avani Dave , Nilanjan Banerjee , Chintan Patel

Current vehicular Intrusion Detection and Prevention Systems either incur high false-positive rates or do not capture zero-day vulnerabilities, leading to safety-critical risks. In addition, prevention is limited to few primitive options…

Cryptography and Security · Computer Science 2023-07-11 Ali Shoker , Vincent Rahli , Jeremie Decouchant , Paulo Esteves-Verissimo

Embedded systems are ubiquitous and play critical roles in management systems for industry and transport. Software failures in these domains may lead to loss of production or even loss of life, so the software in these systems needs to be…

Software Engineering · Computer Science 2021-11-17 Per Erik Strandberg

Autonomous systems must sustain justified confidence in their correctness and safety across their operational lifecycle-from design and deployment through post-deployment evolution. Traditional assurance methods often separate…

Software Engineering · Computer Science 2025-11-20 Dhaminda B. Abeywickrama , Michael Fisher , Frederic Wheeler , Louise Dennis

The architecture of a system captures important design decisions for the system. Over time, changes in a system's implementation may lead to violations of specific design decisions. This problem is common in industry and known as…

Software Engineering · Computer Science 2019-09-16 Diego Marmsoler , Ana Petrovska

Lower-end IoT devices typically have strict cost constraints that rule out usual security mechanisms available in general-purpose computers or higher-end devices. To secure low-end devices, various low-cost security architectures have been…

Cryptography and Security · Computer Science 2024-01-12 Ivan De Oliveira Nunes , Sashidhar Jakkamsetti , Norrathep Rattanavipanon , Gene Tsudik

Recent IoT applications gradually adapt more complicated end systems with commodity software. Ensuring the runtime integrity of these software is a challenging task for the remote controller or cloud services. Popular enforcement is the…

Cryptography and Security · Computer Science 2021-12-14 Yumei Zhang , Xinzhi Liu , Cong Sun , Dongrui Zeng , Gang Tan , Xiao Kan , Siqi Ma

In this work, we outline a cross-domain assurance process for safety-relevant software in embedded systems. This process aims to be applied in various different application domains and in conjunction with any development methodology. With…

Software Engineering · Computer Science 2021-06-07 Marc Zeller , Kai Hoefig , Martin Rothfelder

A runtime assurance system (RTA) for a given plant enables the exercise of an untrusted or experimental controller while assuring safety with a backup (or safety) controller. The relevant computational design problem is to create a logic…

Systems and Control · Electrical Eng. & Systems 2023-10-09 Kristina Miller , Christopher K. Zeitler , William Shen , Kerianne Hobbs , Sayan Mitra , John Schierman , Mahesh Viswanathan

Control-Flow Attestation (CFA) is a security service that allows an entity (verifier) to verify the integrity of code execution on a remote computer system (prover). Existing CFA schemes suffer from impractical assumptions, such as…

Cryptography and Security · Computer Science 2024-03-13 Marco Chilese , Richard Mitev , Meni Orenbach , Robert Thorburn , Ahmad Atamli , Ahmad-Reza Sadeghi

Modern IoT and embedded platforms must start execution from a known trusted state to thwart malware, ensure secure firmware updates, and protect critical infrastructure. Current approaches to establish a root of trust depend on secret keys…

Cryptography and Security · Computer Science 2025-09-30 Friedrich Doku , Peter Dinda

Remote run-time attestation methods, including Control Flow Attestation (CFA) and Data Flow Attestation (DFA), have been proposed to generate precise evidence of execution's control flow path (in CFA) and optionally execution data inputs…

Cryptography and Security · Computer Science 2025-07-08 Adam Caulfield , Norrathep Rattanavipanon , Ivan De Oliveira Nunes

The increase in network connectivity has also resulted in several high-profile attacks on cyber-physical systems. An attacker that manages to access a local network could remotely affect control performance by tampering with sensor…

Optimization and Control · Mathematics 2018-01-15 Ilija Jovanov , Miroslav Pajic

Interconnected embedded devices are increasingly used invarious scenarios, including industrial control, building automation, or emergency communication. As these systems commonly process sensitive information or perform safety critical…

Cryptography and Security · Computer Science 2017-01-30 Florian Kohnhäuser , Niklas Büscher , Sebastian Gabmeyer , Stefan Katzenbeisser

Trusted computing defines how to securely measure, store, and verify the integrity of software controlling a computer. One of the major challenges that make them hard to be applied in practice is the issue with software updates.…

Cryptography and Security · Computer Science 2021-01-06 Wojciech Ozga , Do Le Quoc , Christof Fetzer