Title: Lightweight and flexible trust assessment modules for the Internet of Things
Authors: Mühlberg, Tobias
Noorman, Job
Piessens, Frank
Issue Date: 18-Oct-2015
Publisher: SQS, Software Quality Systems
Host Document: 14th International Conference on Software QA and Testing on Embedded Systems (QA&Test)
Conference: QA&Test edition:14 location:Bilbao, Spain date:16-18 October 2015
Abstract: In this paper we describe a novel approach to securely obtain measurements
with respect to the integrity of software running on a low-cost and
low-power computing node on demand. We propose to use these measurements
as an indication of the trustworthiness of that node. Our approach is
based on recent developments in Program Counter Based Access Control.
Specifically, we employ Sancus, a light-weight hardware-only Trusted
Computing Base and Protected Module Architecture, to integrate trust
assessment modules into an untrusted embedded OS without using a
hypervisor. Sancus ensures by means of hardware extensions that code and
data of a protected module cannot be tampered with, and that the module's
data remains confidential. Sancus further provides cryptographic
primitives that are employed by our approach to enable the trust management
system to verify that the obtained trust metrics are authentic and fresh.
Thus, our trust assessment modules can inspect the OS or application code
and securely report trust metrics to an external trust management system.
We outline a prototypic implementation of our approach that integrates
Sancus-protected trust assessment modules with the Contiki OS, running on a
Sancus-enabled TI MSP430 microcontroller.
Publication status: published
KU Leuven publication type: IMa-p
Appears in Collections:Informatics Section

Files in This Item:
File Description Status SizeFormat
201510-qatest.pdfConference Presentation Published 699KbAdobe PDFView/Open

These files are only available to some KU Leuven Association staff members


All items in Lirias are protected by copyright, with all rights reserved.