More Web Proxy on the site http://driver.im/

research-article

Towards availability and real-time guarantees for protected module architectures

Authors:

Jan Tobias Mühlberg,

Frank PiessensAuthors Info & Claims

MODULARITY Companion 2016: Companion Proceedings of the 15th International Conference on Modularity

Pages 146 - 151

https://doi.org/10.1145/2892664.2892693

Published: 14 March 2016 Publication History

Abstract

Protected Module Architectures are a new brand of security architectures whose main objective is to support the secure isolated execution of software modules with a minimal Trusted Computing Base (TCB) -- several prototypes for embedded systems (and also the Intel Software Guard eXtensions for higher-end systems) ensure isolation with a hardware-only TCB. However, while these architectures offer strong confidentiality and integrity guarantees for software modules, they offer no availability (let alone real-time) guarantees. This paper reports on our work-in-progress towards extending a protected module architecture for small microprocessors with availability and real-time guarantees. Our objective is to maintain the existing security guarantees with a hardware-only TCB, but to also guarantee availability (and even real-time properties) if one can also trust the scheduler. The scheduler, as any software on the platform, remains untrusted for confidentiality and integrity -- but it is sufficient to trust the scheduler module to get availability guarantees even on a partially compromised platform.

References

[1]

P. Agten, R. Strackx, B. Jacobs, and F. Piessens. Secure compilation to modern processors. In Computer Security Foundations Symposium (CSF), 2012 IEEE 25th, pages 171–185. IEEE, 2012.

Digital Library

[2]

F. Brasser, B. El Mahjoub, A.-R. Sadeghi, C. Wachsmann, and P. Koeberl. Tytan: Tiny trust anchor for tiny devices. In Design Automation Conference (DAC 2015), pages 1–6. IEEE, 2015.

Digital Library

[3]

N. Cooprider, W. Archer, E. Eide, D. Gay, and J. Regehr. Efficient memory safety for TinyOS. In Proceedings of the 5th international conference on Embedded networked sensor systems, pages 205–218. ACM, 2007.

Digital Library

[4]

A. Crespo, I. Ripoll, and M. Masmano. Partitioned embedded architecture based on hypervisor: The XtratuM approach. In Dependable Computing Conference (EDCC 2010), pages 67–72. IEEE, 2010.

Digital Library

[5]

R. De Clercq, F. Piessens, D. Schellekens, and I. Verbauwhede. Secure interrupts on low-end microcontrollers. In Application-specific Systems, Architectures and Processors (ASAP), 2014 IEEE 25th International Conference on, pages 147–152. IEEE, 2014.

[6]

K. Eldefrawy, G. Tsudik, A. Francillon, and D. Perito. SMART: Secure and minimal architecture for (establishing a dynamic) root of trust. In NDSS, volume 12, pages 1–15. Internet Society, 2012.

[7]

Ú. Erlingsson, Y. Younan, and F. Piessens. Low-level software security by example. In Handbook of Information and Communication Security, pages 633–658. Springer, 2010.

[8]

L. Gu and J. A. Stankovic. t-kernel: Providing reliable OS support to wireless sensor networks. In Proceedings of the 4th international conference on Embedded networked sensor systems, pages 1–14. ACM, 2006.

Digital Library

[9]

G. Klein, K. Elphinstone, G. Heiser, J. Andronick, D. Cock, P. Derrin, D. Elkaduwe, K. Engelhardt, R. Kolanski, M. Norrish, et al. seL4: Formal verification of an OS kernel. In Proceedings of the ACM SIGOPS 22nd symposium on Operating systems principles, pages 207– 220. ACM, 2009.

Digital Library

[10]

P. Koeberl, S. Schulz, A.-R. Sadeghi, and V. Varadharajan. TrustLite: A security architecture for tiny embedded devices. In Proceedings of the Ninth European Conference on Computer Systems, pages 10:1–10:14. ACM, 2014.

Digital Library

[11]

R. Kumar, E. Kohler, and M. Srivastava. Harbor: Software-based memory protection for sensor nodes. In Proceedings of the 6th international conference on Information processing in sensor networks, pages 340–349. ACM, 2007.

Digital Library

[12]

J. Liedtke. On µ-kernel construction. In Proceedings of the Fifteenth ACM Symposium on Operating Systems Principles, pages 237–250. ACM, 1995.

[13]

R. J. Masti, C. Marforio, A. Ranganathan, A. Francillon, and S. Capkun. Enabling trusted scheduling in embedded systems. In Proceedings of the 28th Annual Computer Security Applications Conference, pages 61–70. ACM, 2012.

Digital Library

[14]

J. M. McCune, Y. Li, N. Qu, Z. Zhou, A. Datta, V. D. Gligor, and A. Perrig. TrustVisor: Efficient TCB reduction and attestation. In 31st IEEE Symposium on Security and Privacy, S&P 2010, 16-19 May 2010, Berleley/Oakland, California, USA, pages 143––158. IEEE, 2010.

Digital Library

[15]

J. M. McCune, B. Parno, A. Perrig, M. K. Reiter, and H. Isozaki. Flicker: An execution infrastructure for TCB minimization. In Proceedings of the 2008 EuroSys Conference, Glasgow, Scotland, UK, April 1-4, 2008, pages 315–328. ACM, 2008.

Digital Library

[16]

F. McKeen, I. Alexandrovich, A. Berenzon, C. V. Rozas, H. Shafi, V. Shanbhogue, and U. R. Savagaonkar. Innovative instructions and software model for isolated execution. In Proceedings of the 2nd International Workshop on Hardware and Architectural Support for Security and Privacy, pages 10:1–10:1. ACM, 2013.

Digital Library

[17]

J. T. Mühlberg, J. Noorman, and F. Piessens. Lightweight and flexible trust assessment modules for the Internet of Things. In European Symposium on Research in Computer Security (ESORICS 2015), pages 503–520. Springer, 2015.

Digital Library

[18]

J. Noorman, P. Agten, W. Daniels, R. Strackx, A. Van Herrewege, C. Huygens, B. Preneel, I. Verbauwhede, and F. Piessens. Sancus: Lowcost trustworthy extensible networked devices with a zero-software trusted computing base. In USENIX SEC’13, pages 479–494. USENIX Association, 2013.

Digital Library

[19]

G. Parmer. The case for thread migration: Predictable IPC in a customizable and reliable OS. In Proceedings of the Workshop on Operating Systems Platforms for Embedded Real-Time applications (OSPERT 2010), page 91, 2010.

[20]

M. Patrignani, P. Agten, R. Strackx, B. Jacobs, D. Clarke, and F. Piessens. Secure compilation to protected module architectures. ACM Transactions on Programming Languages and Systems, 37(2):6:1–6:50, April 2015.

Digital Library

[21]

M. Patrignani, D. Devriese, and F. Piessens. Multi-module fully abstract compilation (extended abstract). In Workshop on Foundations of Computer Security, July 2015.

[22]

R. Strackx, P. Agten, N. Avonds, and F. Piessens. Salus: Kernel support for secure process compartments. EAI Endorsed Transactions on Security and Safety, 15(3), 2015.

[23]

R. Strackx, J. Noorman, I. Verbauwhede, B. Preneel, and F. Piessens. Protected software module architectures. In ISSE 2013 Securing Electronic Business Processes, pages 241–251. Springer, 2013.

[24]

R. Strackx and F. Piessens. Fides: Selectively hardening software application components against kernel-level or process-level malware. In Proceedings of the 2012 ACM conference on Computer and communications security, pages 2–13. ACM, 2012.

Digital Library

[25]

R. Strackx, F. Piessens, and B. Preneel. Efficient isolation of trusted subsystems in embedded systems. In Security and Privacy in Communication Networks, pages 344–361. Springer, 2010.

[26]

J. Van Bulck, J. Noorman, J. T. Mühlberg, and F. Piessens. Secure resource sharing for embedded protected module architectures. In International Conference on Information Security Theory and Practice (WISTP 2015), pages 71–87. Springer, 2015.

Digital Library

Cited By

Van Bulck JPiessens FStrackx RLie DMannan MBackes MWang X(2018)NemesisProceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security10.1145/3243734.3243822(178-195)Online publication date: 15-Oct-2018
https://dl.acm.org/doi/10.1145/3243734.3243822
Van Bulck JMühlberg JPiessens F(2017)VulCANProceedings of the 33rd Annual Computer Security Applications Conference10.1145/3134600.3134623(225-237)Online publication date: 4-Dec-2017
https://dl.acm.org/doi/10.1145/3134600.3134623
Mühlberg JCleemput SMustafa MVan Bulck JPreneel BPiessens F(2016)An Implementation of a High Assurance Smart Meter Using Protected Module ArchitecturesInformation Security Theory and Practice10.1007/978-3-319-45931-8_4(53-69)Online publication date: 17-Sep-2016
https://doi.org/10.1007/978-3-319-45931-8_4

Index Terms

Towards availability and real-time guarantees for protected module architectures
1. Software and its engineering
  1. Software creation and management
    1. Designing software
  2. Software organization and properties
    1. Contextual software domains
      1. Operating systems

Recommendations

Aion: Enabling Open Systems through Strong Availability Guarantees for Enclaves
CCS '21: Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security

Embedded Trusted Execution Environments (TEEs) can provide strong security for software in the IoT or in critical control systems. Approaches to combine this security with real-time and availability guarantees are currently missing. In this paper we ...
Secure Resource Sharing for Embedded Protected Module Architectures
Information Security Theory and Practice
Abstract
Low-end embedded devices and the Internet of Things (IoT) are becoming increasingly important for our lives. They are being used in domains such as infrastructure management, and medical and healthcare systems, where business interests and our ...
The Formal Design Model of a Real-Time Operating System RTOS+: Static and Dynamic Behaviors

A real-time operating system RTOS provides a platform for the design and implementation of a wide range of applications in real-time systems, embedded systems, and mission-critical systems. This paper presents a formal design model for a general RTOS ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Other conferences

MODULARITY Companion 2016: Companion Proceedings of the 15th International Conference on Modularity

March 2016

217 pages

ISBN:9781450340335

DOI:10.1145/2892664

General Chair:
Lidia Fuentes
Universidad de Málaga, Spain
,
Program Chairs:
Don Batory
University of Texas at Austin, USA
,
Krzysztof Czarnecki
University of Waterloo, Canada

Copyright © 2016 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

In-Cooperation

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 14 March 2016

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

Modularity '16

Modularity '16: Companion volume of the 15th International Conference on Modularity

March 14 - 17, 2016

Málaga, Spain

Acceptance Rates

Overall Acceptance Rate 41 of 139 submissions, 29%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

3
Total Citations
View Citations
121
Total Downloads

Downloads (Last 12 months)4
Downloads (Last 6 weeks)0

Reflects downloads up to 06 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

Van Bulck JPiessens FStrackx RLie DMannan MBackes MWang X(2018)NemesisProceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security10.1145/3243734.3243822(178-195)Online publication date: 15-Oct-2018
https://dl.acm.org/doi/10.1145/3243734.3243822
Van Bulck JMühlberg JPiessens F(2017)VulCANProceedings of the 33rd Annual Computer Security Applications Conference10.1145/3134600.3134623(225-237)Online publication date: 4-Dec-2017
https://dl.acm.org/doi/10.1145/3134600.3134623
Mühlberg JCleemput SMustafa MVan Bulck JPreneel BPiessens F(2016)An Implementation of a High Assurance Smart Meter Using Protected Module ArchitecturesInformation Security Theory and Practice10.1007/978-3-319-45931-8_4(53-69)Online publication date: 17-Sep-2016
https://doi.org/10.1007/978-3-319-45931-8_4

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents