Secure Minimal Architecture for Remote Attestation of Embedded Devices

Gene Tsudik

Remote attestation is the process of securely verifying internal state of a remote hardware platform. It can be achieved either statically (at boot time) or dynamically, at run-time. Prior software-based techniques lack concrete security guarantees, while hardware-based approaches involve security co-processors that are too costly for low-end devices. In this work, we develop a new primitive (called SMART) based on bottom-up hardware/software co-design. SMART represents a simple, efficient and secure approach for establishing a dynamic root of trust in a remote embedded device. It is aimed at low-end micro-controller units (MCUs) that lack specialized memory management or protection features. SMART requires minimal changes to existing MCUs and assumes few restrictions on adversarial capabilities. We demonstrate both practicality and feasibility of SMART on two common MCU platforms.

Speaker Biography

Gene Tsudik is a professor of Computer Science at the University of California, Irvine (UCI). He received his PhD in Computer Science from USC in 1991. Before coming to UCI in 2000, he was at IBM Zurich Research Laboratory (1991-1996) and USC/ISI (1996-2000). Over the years, his research interests included many topics in security and applied cryptography. He currently serves as Director of Secure Computing and Networking Center (SCONCE) and Director of the Networked Systems (NetSys) Graduate Program at UCI. Since 2009, he is the Editor-in-Chief of ACM Transactions on Information and Systems Security (TISSEC).