DIALED: Data Integrity Attestation for Low-end Embedded Devices
Verifying integrity of software execution in low-end microcontroller units (MCUs) is a well-known open problem. The central challenge is how to securely detect software exploits with minimal overhead, since these MCUs are designed for low cost, low energy and small size. Some recent work yielded ine...
Uloženo v:
| Vydáno v: | 2021 58th ACM/IEEE Design Automation Conference (DAC) s. 313 - 318 |
|---|---|
| Hlavní autoři: | , , |
| Médium: | Konferenční příspěvek |
| Jazyk: | angličtina |
| Vydáno: |
IEEE
05.12.2021
|
| Témata: | |
| On-line přístup: | Získat plný text |
| Tagy: |
Přidat tag
Žádné tagy, Buďte první, kdo vytvoří štítek k tomuto záznamu!
|
| Abstract | Verifying integrity of software execution in low-end microcontroller units (MCUs) is a well-known open problem. The central challenge is how to securely detect software exploits with minimal overhead, since these MCUs are designed for low cost, low energy and small size. Some recent work yielded inexpensive hardware/software co-designs for remotely verifying code and execution integrity. In particular, a means of detecting unauthorized code modifications and control-flow attacks were proposed, referred to as Remote Attestation (ℛA) and Control-Flow Attestation (CFA), respectively. Despite this progress, detection of data-only attacks remains elusive. Such attacks exploit software vulnerabilities to corrupt intermediate computation results stored in data memory, changing neither the program code nor its control flow. Motivated by lack of any current techniques (for low-end MCUs) that detect these attacks, in this paper we propose, implement and evaluate DIALED, the first Data-Flow Attestation (CFA) technique applicable to the most resource-constrained embedded devices (e.g., TI MSP430). DIALED works in tandem with a companion CFA scheme to detect all (currently known) types of runtime software exploits at fairly low cost. |
|---|---|
| AbstractList | Verifying integrity of software execution in low-end microcontroller units (MCUs) is a well-known open problem. The central challenge is how to securely detect software exploits with minimal overhead, since these MCUs are designed for low cost, low energy and small size. Some recent work yielded inexpensive hardware/software co-designs for remotely verifying code and execution integrity. In particular, a means of detecting unauthorized code modifications and control-flow attacks were proposed, referred to as Remote Attestation (ℛA) and Control-Flow Attestation (CFA), respectively. Despite this progress, detection of data-only attacks remains elusive. Such attacks exploit software vulnerabilities to corrupt intermediate computation results stored in data memory, changing neither the program code nor its control flow. Motivated by lack of any current techniques (for low-end MCUs) that detect these attacks, in this paper we propose, implement and evaluate DIALED, the first Data-Flow Attestation (CFA) technique applicable to the most resource-constrained embedded devices (e.g., TI MSP430). DIALED works in tandem with a companion CFA scheme to detect all (currently known) types of runtime software exploits at fairly low cost. |
| Author | Jakkamsetti, Sashidhar Tsudik, Gene De Oliveira Nunes, Ivan |
| Author_xml | – sequence: 1 givenname: Ivan surname: De Oliveira Nunes fullname: De Oliveira Nunes, Ivan email: ivanoliv@uci.edu organization: University of California,Irvine – sequence: 2 givenname: Sashidhar surname: Jakkamsetti fullname: Jakkamsetti, Sashidhar email: sjakkams@uci.edu organization: University of California,Irvine – sequence: 3 givenname: Gene surname: Tsudik fullname: Tsudik, Gene email: gene.tsudik@uci.edu organization: University of California,Irvine |
| BookMark | eNotj8tKxDAYRiMoqGOfQIS8QGsuzc2NlHZGCwU3uh7S5P8l4LTSBmXe3gFn8x3O5sB3Sy6neQJCHjirOGfusWtabpmpK8EEr5yy-qQXpHDGcq1VLYWp2TUp1jWNTDNl69PekOeub4Zt90Q7nz3tpwyfS8pH2uQMa_Y5zRPFeaHD_FvCFOn2MEKMEGkHPynAekeu0H-tUJy5IR-77Xv7Wg5vL33bDKUX1uRSKK0ZCjaiGNEhRme0URIVelmj1jIgD6PydrQcwQWjI5OKccmDcEGC3JD7_24CgP33kg5-Oe7PN-Uf3EFJOg |
| ContentType | Conference Proceeding |
| DBID | 6IE 6IH CBEJK RIE RIO |
| DOI | 10.1109/DAC18074.2021.9586180 |
| DatabaseName | IEEE Electronic Library (IEL) Conference Proceedings IEEE Proceedings Order Plan (POP) 1998-present by volume IEEE Xplore All Conference Proceedings IEEE Electronic Library (IEL) IEEE Proceedings Order Plans (POP) 1998-present |
| DatabaseTitleList | |
| Database_xml | – sequence: 1 dbid: RIE name: IEEE Electronic Library (IEL) url: https://ieeexplore.ieee.org/ sourceTypes: Publisher |
| DeliveryMethod | fulltext_linktorsrc |
| EISBN | 9781665432740 1665432748 |
| EndPage | 318 |
| ExternalDocumentID | 9586180 |
| Genre | orig-research |
| GrantInformation_xml | – fundername: Semiconductor Research Corporation funderid: 10.13039/100000028 |
| GroupedDBID | 6IE 6IH ACM ALMA_UNASSIGNED_HOLDINGS CBEJK RIE RIO |
| ID | FETCH-LOGICAL-a287t-25660f20bf2bf9ffd976753f5fa34f663cf1cb5a8b81fe9c76d0350131c29c3e3 |
| IEDL.DBID | RIE |
| ISICitedReferencesCount | 14 |
| ISICitedReferencesURI | http://www.webofscience.com/api/gateway?GWVersion=2&SrcApp=Summon&SrcAuth=ProQuest&DestLinkType=CitingArticles&DestApp=WOS_CPL&KeyUT=000766079700053&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D |
| IngestDate | Wed Aug 27 02:28:29 EDT 2025 |
| IsPeerReviewed | false |
| IsScholarly | true |
| Language | English |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-LOGICAL-a287t-25660f20bf2bf9ffd976753f5fa34f663cf1cb5a8b81fe9c76d0350131c29c3e3 |
| PageCount | 6 |
| ParticipantIDs | ieee_primary_9586180 |
| PublicationCentury | 2000 |
| PublicationDate | 2021-Dec.-5 |
| PublicationDateYYYYMMDD | 2021-12-05 |
| PublicationDate_xml | – month: 12 year: 2021 text: 2021-Dec.-5 day: 05 |
| PublicationDecade | 2020 |
| PublicationTitle | 2021 58th ACM/IEEE Design Automation Conference (DAC) |
| PublicationTitleAbbrev | DAC |
| PublicationYear | 2021 |
| Publisher | IEEE |
| Publisher_xml | – name: IEEE |
| SSID | ssib060584060 |
| Score | 2.328045 |
| Snippet | Verifying integrity of software execution in low-end microcontroller units (MCUs) is a well-known open problem. The central challenge is how to securely detect... |
| SourceID | ieee |
| SourceType | Publisher |
| StartPage | 313 |
| SubjectTerms | Codes Costs Data integrity Design automation Microcontrollers Performance evaluation Runtime |
| Title | DIALED: Data Integrity Attestation for Low-end Embedded Devices |
| URI | https://ieeexplore.ieee.org/document/9586180 |
| WOSCitedRecordID | wos000766079700053&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| link | http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwlV1LSwMxEA61ePCk0opvcvDotpvNJtl4kdJtsVBKDwq9lbwGPLiVdqt_3yRdK4IXbyEQwuQx3zeZzAxCd0bn2giTJ0T425Qz8FeKKpZIJyTPbJYXALHYhJjNisVCzlvofh8L45yLn89cLzSjL9-uzDY8lfUlKzgpvIF-IATfxWp9n53g3fPYlDZBOiSV_XIwJCHVizcCM9Jrxv4qohIxZHz8v9lPUPcnGA_P9zBzilqu6qDHcjKYjsoHXKpa4UnM-eD5NB7UnjruvOvY01E8XX0mrrJ49KadVzEWly6qhi56GY-eh09JUwshUd6mqRPPTHgKWaoh0yABrAxZWCgwUDQHTxsMEKOZKnRBwEkjuI0-Q0pMJg119Ay1q1XlzhFOmeNKe2SG1HjjjGhmWW4DMFkDjNML1AnCL9936S6WjdyXf3dfoaOwvvGHB7tG7Xq9dTfo0HzUr5v1bdyjL69EkPg |
| linkProvider | IEEE |
| linkToHtml | http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwlV1LSwMxEA6lCnpSacW3OXh022Q32d14kdJtaXEtPVTorWweAx7clrrVv2-SrhXBi7cQCGHymO-bTGYGoTslmVSJYgFN7G1iHOyVigoeCJOIONQhSwF8sYlkMknnczFtoPtdLIwxxn8-Mx3X9L58vVQb91TWFTyNaWoN9D3OWEi20Vrfp8f59yw6kTpMhxLRzXp96pK9WDMwpJ169K8yKh5Fhkf_m_8YtX_C8fB0BzQnqGHKFnrMxr18kD3grKgKPPZZHyyjxr3Kksetfx1bQorz5WdgSo0Hb9JYJaNxZrxyaKOX4WDWHwV1NYSgsFZNFVhuEhMIiYRQggDQwuVhiYBDETGwxEEBVZIXqUwpGKGSWHuvYURVKFRkolPULJelOUOYcBMX0mIzEGXNMyq55kw7aNIKeBydo5YTfrHaJrxY1HJf_N19iw5Gs-d8kY8nT5fo0K21_-_Br1CzWm_MNdpXH9Xr-_rG79cXbhCUPw |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=proceeding&rft.title=2021+58th+ACM%2FIEEE+Design+Automation+Conference+%28DAC%29&rft.atitle=DIALED%3A+Data+Integrity+Attestation+for+Low-end+Embedded+Devices&rft.au=De+Oliveira+Nunes%2C+Ivan&rft.au=Jakkamsetti%2C+Sashidhar&rft.au=Tsudik%2C+Gene&rft.date=2021-12-05&rft.pub=IEEE&rft.spage=313&rft.epage=318&rft_id=info:doi/10.1109%2FDAC18074.2021.9586180&rft.externalDocID=9586180 |