scholarly journals SoftME: A Software-Based Memory Protection Approach for TEE System to Resist Physical Attacks

2019 ◽  
Vol 2019 ◽  
pp. 1-12 ◽  
Author(s):  
Meiyu Zhang ◽  
Qianying Zhang ◽  
Shijun Zhao ◽  
Zhiping Shi ◽  
Yong Guan
Keyword(s):  
Prototype System ◽  
Sensitive Data ◽  
Embedded Devices ◽  
Memory Space ◽  
Memory Protection ◽  
System Overhead ◽  
Execution Environment ◽  
On Chip ◽  
The Internet Of Things ◽  
Trusted Execution Environment

The development of the Internet of Things has made embedded devices widely used. Embedded devices are often used to process sensitive data, making them the target of attackers. ARM TrustZone technology is used to protect embedded device data from compromised operating systems and applications. But as the value of the data stored in embedded devices increases, more and more effective physical attacks have emerged. However, TrustZone cannot resist physical attacks. We propose SoftME, an approach that utilizes the on-chip memory space to provide a trusted execution environment for sensitive applications. We protect the confidentiality and integrity of the data stored on the off-chip memory. In addition, we design task scheduling in the encryption process. We implement a prototype system of our approach on the development board supporting TrustZone and evaluate the overhead of our approach. The experimental results show that our approach improves the security of the system, and there is no significant increase in system overhead.

Enhancing the Security of FPGA-SoCs via the Usage of ARM TrustZone and a Hybrid-TPM

2022 ◽  
Vol 15 (1) ◽  
pp. 1-26
Author(s):  
Mathieu Gross ◽  
Konrad Hohentanner ◽  
Stefan Wiehler ◽  
Georg Sigl
Keyword(s):  
Software Design ◽  
Hardware Accelerators ◽  
Biometric Authentication ◽  
Trusted Platform Module ◽  
Start Up ◽  
Execution Environment ◽  
On Chip ◽  
Trusted Platform ◽  
Trusted Execution Environment ◽  
Entropy Source

Isolated execution is a concept commonly used for increasing the security of a computer system. In the embedded world, ARM TrustZone technology enables this goal and is currently used on mobile devices for applications such as secure payment or biometric authentication. In this work, we investigate the security benefits achievable through the usage of ARM TrustZone on FPGA-SoCs. We first adapt Microsoft’s implementation of a firmware Trusted Platform Module (fTPM) running inside ARM TrustZone for the Zynq UltraScale+ platform. This adaptation consists in integrating hardware accelerators available on the device to fTPM’s implementation and to enhance fTPM with an entropy source derived from on-chip SRAM start-up patterns. With our approach, we transform a software implementation of a TPM into a hybrid hardware/software design that could address some of the security drawbacks of the original implementation while keeping its flexibility. To demonstrate the security gains obtained via the usage of ARM TrustZone and our hybrid-TPM on FPGA-SoCs, we propose a framework that combines them for enabling a secure remote bitstream loading. The approach consists in preventing the insecure usages of a bitstream reconfiguration interface that are made possible by the manufacturer and to integrate the interface inside a Trusted Execution Environment.

scholarly journals Bypassing Isolated Execution on RISC-V using Side-Channel-Assisted Fault-Injection and Its Countermeasure

2021 ◽  
pp. 28-68
Author(s):  
Shoei Nashimoto ◽  
Daisuke Suzuki ◽  
Rei Ueno ◽  
Naofumi Homma
Keyword(s):  
Real World ◽  
Fault Injection ◽  
Side Channel ◽  
Proof Of Concept ◽  
Malicious Software ◽  
Memory Protection ◽  
Channel Information ◽  
Execution Environment ◽  
Fault Injection Attack ◽  
Trusted Execution Environment

RISC-V is equipped with physical memory protection (PMP) to prevent malicious software from accessing protected memory regions. PMP provides a trusted execution environment (TEE) that isolates secure and insecure applications. In this study, we propose a side-channel-assisted fault-injection attack to bypass isolation based on PMP. The proposed attack scheme involves extracting successful glitch parameters for fault injection from side-channel information under crossdevice conditions. A proof-of-concept TEE compatible with PMP in RISC-V was implemented, and the feasibility and effectiveness of the proposed attack scheme was validated through experiments in TEEs. The results indicate that an attacker can bypass the isolation of the TEE and read data from the protected memory region In addition, we experimentally demonstrate that the proposed attack applies to a real-world TEE, Keystone. Furthermore, we propose a software-based countermeasure that prevents the proposed attack.

scholarly journals Protecting Security-Sensitive Data Using Program Transformation and Trusted Execution Environment

2021 ◽  
Author(s):  
Anter Abdu Alhag Ali Faree ◽  
Yongzhi Wang
Keyword(s):  
Program Transformation ◽  
Trusted Computing ◽  
Control Flow ◽  
Public Cloud ◽  
Sensitive Data ◽  
New Approach ◽  
The Public ◽  
Trusted Computing Base ◽  
Execution Environment ◽  
Trusted Execution Environment

Abstract Cloud computing allows clients to upload their sensitive data to the public cloud and perform sensitive computations in those untrusted areas, which drives to possible violations of the confidentiality of client sensitive data. Utilizing Trusted Execution Environments (TEEs) to protect data confidentiality from other software is an effective solution. TEE is supported by different platforms, such as Intel’s Software Guard Extension (SGX). SGX provides a TEE, called an enclave, which can be used to protect the integrity of the code and the confidentiality of data. Some efforts have proposed different solutions in order to isolate the execution of security-sensitive code from the rest of the application. Unlike our previous work, CFHider, a hardware-assisted method that aimed to protect only the confidentiality of control flow of applications, in this study, we develop a new approach for partitioning applications into security-sensitive code to be run in the trusted execution setting and cleartext code to be run in the public cloud setting. Our approach leverages program transformation and TEE to hide security-sensitive data of the code. We describe our proposed solution by combining the partitioning technique, program transformation, and TEEs to protect the execution of security-sensitive data of applications. Some former works have shown that most applications can run in their entirety inside trusted areas such as SGX enclaves, and that leads to a large Trusted Computing Base (TCB). Instead, we analyze three case studies, in which we partition real Java applications and employ the SGX enclave to protect the execution of sensitive statements, therefore reducing the TCB. We also showed the advantages of the proposed solution and demonstrated how the confidentiality of security-sensitive data is protected.

scholarly journals Attacking TrustZone on devices lacking memory protection

2021 ◽  
Author(s):  
Ron Stajnrod ◽  
Raz Ben Yehuda ◽  
Nezer Jacob Zaidenberg
Keyword(s):  
Memory Protection ◽  
Design And Implementation ◽  
Execution Environment ◽  
Processor Cores ◽  
Trusted Execution Environment

AbstractARM TrustZone offers a Trusted Execution Environment (TEE) embedded into the processor cores. Some vendors offer ARM modules that do not fully comply with TrustZone specifications, which may lead to vulnerabilities in the system. In this paper, we present a DMA attack tutorial from the insecure world onto the secure world, and the design and implementation of this attack in a real insecure hardware.

Automatic Vulnerability Detection in Embedded Devices and Firmware

2021 ◽  
Vol 54 (2) ◽  
pp. 1-42
Author(s):  
Abdullah Qasem ◽  
Paria Shirani ◽  
Mourad Debbabi ◽  
Lingyu Wang ◽  
Bernard Lebel ◽  
...  
Keyword(s):  
Embedded Systems ◽  
Symbolic Execution ◽  
Vital Role ◽  
Security And Privacy ◽  
Embedded Devices ◽  
Security Vulnerabilities ◽  
Future Directions ◽  
Hybrid Approaches ◽  
Wide Range ◽  
The Internet Of Things

In the era of the internet of things (IoT), software-enabled inter-connected devices are of paramount importance. The embedded systems are very frequently used in both security and privacy-sensitive applications. However, the underlying software (a.k.a. firmware) very often suffers from a wide range of security vulnerabilities, mainly due to their outdated systems or reusing existing vulnerable libraries; which is evident by the surprising rise in the number of attacks against embedded systems. Therefore, to protect those embedded systems, detecting the presence of vulnerabilities in the large pool of embedded devices and their firmware plays a vital role. To this end, there exist several approaches to identify and trigger potential vulnerabilities within deployed embedded systems firmware. In this survey, we provide a comprehensive review of the state-of-the-art proposals, which detect vulnerabilities in embedded systems and firmware images by employing various analysis techniques, including static analysis, dynamic analysis, symbolic execution, and hybrid approaches. Furthermore, we perform both quantitative and qualitative comparisons among the surveyed approaches. Moreover, we devise taxonomies based on the applications of those approaches, the features used in the literature, and the type of the analysis. Finally, we identify the unresolved challenges and discuss possible future directions in this field of research.

IIoTEED: An Enhanced, Trusted Execution Environment for Industrial IoT Edge Devices

2017 ◽  
Vol 21 (1) ◽  
pp. 40-47 ◽  
Author(s):  
Sandro Pinto ◽  
Tiago Gomes ◽  
Jorge Pereira ◽  
Jorge Cabral ◽  
Adriano Tavares
Keyword(s):  
Industrial Iot ◽  
Execution Environment ◽  
Trusted Execution Environment

Cooperative Mechanism of Local Memory and Cache in Network Processors

2013 ◽  
Vol 380-384 ◽  
pp. 1969-1972
Author(s):  
Bo Yuan ◽  
Jin Dou Fan ◽  
Bin Liu
Keyword(s):  
Packet Processing ◽  
Network Processors ◽  
Local Memory ◽  
Memory Space ◽  
Memory Mechanism ◽  
Hierarchical Memory ◽  
Packet Data ◽  
On Chip ◽  
Cache Mechanism ◽  
Cache Miss

Traditional network processors (NPs) adopt either local memory mechanism or cache mechanism as the hierarchical memory structure. The local memory mechanism usually has small on-chip memory space which is not fit for the various complicated applications. The cache mechanism is better at dealing with the temporary data which need to be read and written frequently. But in deep packet processing, cache miss occurs when reading each segment of packet. We propose a cooperative mechanism of local memory and cache. In which the packet data and temporary data are stored into local memory and cache respectively. The analysis and experimental evaluation shows that the cooperative mechanism can improve the performance of network processors and reduce processing latency with little extra resources cost.

Sign in / Sign up

Export Citation Format

Share Document