Secure and efficient software-based attestation for industrial control devices with arm processors

Chen, B; Dong, X; Bai, G; Jauhar, S; Cheng, Y

doi:10.1145/3134600.3134621

View/Open

Bai213842-Accepted.pdf (1.438Mb)

File version

Accepted Manuscript (AM)

Author(s)

Chen, B

Dong, X

Bai, G

Jauhar, S

Cheng, Y

Griffith University Author(s)

Bai, Guangdong

Year published

2017

Metadata

Show full item record

Abstract

For industrial control systems, ensuring the software integrity of their devices is a key security requirement. A pure software-based attestation solution is highly desirable for protecting legacy field devices that lack hardware root of trust (e.g., Trusted Platform Module). However, for the large population of field devices with ARM processors, existing software-based attestation schemes either incur long attestation time or are insecure. In this paper, we design a novel memory stride technique that significantly reduces the attestation time while remaining secure against known attacks and their advanced variants on ARM ...
View more >For industrial control systems, ensuring the software integrity of their devices is a key security requirement. A pure software-based attestation solution is highly desirable for protecting legacy field devices that lack hardware root of trust (e.g., Trusted Platform Module). However, for the large population of field devices with ARM processors, existing software-based attestation schemes either incur long attestation time or are insecure. In this paper, we design a novel memory stride technique that significantly reduces the attestation time while remaining secure against known attacks and their advanced variants on ARM platform. We analyze the scheme's security and performance based on the formal framework proposed by Armknecht et al. [7] (with a necessary change to ensure its applicability in practical settings). We also implement memory stride on two models of real-world power grid devices that are widely deployed today, and demonstrate its superior performance.
View less >

Conference Title

ACSAC 2017: Proceedings of the 33rd Annual Computer Security Applications Conference

DOI

https://doi.org/10.1145/3134600.3134621

Copyright Statement

© ACM, 2017. This is the author's version of the work. It is posted here by permission of ACM for your personal use. Not for redistribution. The definitive version was published in ACSAC 2017: Proceedings of the 33rd Annual Computer Security Applications Conference, ISBN: 978-1-4503-5345-8, https://doi.org/10.1145/3134600.3134621

Subject

Artificial intelligence

Software engineering

Publication URI

http://hdl.handle.net/10072/411916

Collection

Conference outputs