DOI: 10.1145/3134600.3134621

Secure and Efficient Software-based Attestation for Industrial Control Devices with ARM Processors

Published: 04 December 2017

Abstract

For industrial control systems, ensuring the software integrity of their devices is a key security requirement. A pure software-based attestation solution is highly desirable for protecting legacy field devices that lack a hardware root of trust (e.g., a Trusted Platform Module). However, for the large population of field devices with ARM processors, existing software-based attestation schemes either incur long attestation times or are insecure. In this paper, we design a novel memory stride technique that significantly reduces the attestation time while remaining secure against known attacks and their advanced variants on the ARM platform. We analyze the scheme's security and performance based on the formal framework proposed by Armknecht et al. [7] (with a necessary change to ensure its applicability in practical settings). We also implement memory stride on two models of real-world power grid devices that are widely deployed today, and demonstrate its superior performance.

References

[1] Stuxnet. https://en.wikipedia.org/wiki/Stuxnet.
[2] IEEE Standard 1646, Communication Delivery Time Performance Requirements for Electric Power Substation Automation. 2005.
[3] Ali Abbasi and Majid Hashemi. Ghost in the plc: Designing an undetectable programmable logic controller rootkit. In Black Hat Europe, 2016.
[4] ARM. ARM Developer Suite Assembler Guide - 4.3.1. Flexible second operand. http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.dui0068b/CIHBEAGE.html.
[5] ARM. Cortex-M Processor Family. http://www.arm.com/products/processors/cortex-m/index.php.
[6] ARM. Trustzone. http://www.arm.com/products/processors/technologies/trustzone/.
[7] F. Armknecht, A.-R. Sadeghi, S. Schulz, and C. Wachsmann. A security framework for the analysis and design of software attestation. ACM CCS, 2013.
[8] N. Asokan, F. Brasser, A. Ibrahim, A.-R. Sadeghi, M. Schunter, G. Tsudik, and C. Wachsmann. SEDA: Scalable Embedded Device Attestation. ACM CCS, 2015.
[9] M. Assante. Confirmation of a Coordinated Attack on the Ukrainian Power Grid. https://ics.sans.org/blog/2016/01/09/confirmation-of-a-coordinated-attack-on-the-ukrainian-power-grid, 2016.
[10] Atmel. SMART ARM Processor Based MCUs. http://www.atmel.com/products/microcontrollers/ARM/default.aspx.
[11] Z. Basnight, J. Butts, J. Lopez Jr., and T. Dube. Firmware modification attacks on programmable logic controllers. 6(2):76-84, 2013.
[12] Belden. SPIDER II Unmanaged Switches. https://www.belden.com/products/industrialnetworking/unmanagedswitches/spider-2.cfm.
[13] C. Castelluccia, A. Francillon, D. Perito, and C. Soriente. On the difficulty of software-based attestation of embedded devices. In CCS, 2009.
[14] A. Cui, M. Costello, and S. Stolfo. When firmware modifications attack: A case study of embedded exploitation. In NDSS, 2013.
[15] K. E. Defrawy, A. Francillon, D. Perito, and G. Tsudik. SMART: Secure and Minimal Architecture for (Establishing Dynamic) Root of Trust. NDSS, 2012.
[16] A. Francillon, Q. Nguyen, K. B. Rasmussen, and G. Tsudik. A minimalist approach to remote attestation. DATE, 2014.
[17] J. Franklin, M. Luk, J. M. McCune, A. Seshadri, A. Perrig, and L. van Doorn. Remote detection of virtual machine monitors with fuzzy benchmarking. SIGOPS Oper. Syst. Rev., 42(3), April 2008.
[18] J. Franklin, M. Luk, A. Seshadri, and A. Perrig. PRISM: Enabling Personal Verification of Code Integrity, Untampered Execution, and Trusted I/O on Legacy Systems or Human-Verifiable Code Execution. Technical Report CMU-CyLab-07-010, CyLab, February 2007.
[19] Delta Group. Svg2000 series. http://www.deltaww.com/products/CategoryListT1.aspx?CID=060503&PID=761&hl=en-us&Name=SVG2000%20Series.
[20] IEC. Internal standard 60870-5-104. https://webstore.iec.ch/preview/info_iec60870-5-104%7Bed2.0%7Den_d.pdf.
[21] Texas Instruments. Smart grid leverages ARM-based solutions to enable intelligent power consumption with a more robust end-to-end communication network.
[22] Intel. Trusted compute pools with Intel® trusted execution technology. http://www.intel.com/content/www/us/en/architecture-and-technology/trusted-execution-technology/malware-reduction-general-technology.html.
[23] X. Kovah, C. Kallenberg, C. Weathers, A. Herzog, M. Albin, and J. Butterworth. New results for timing-based attestation. IEEE S&P, 2012.
[24] Sandia National Laboratories. Control System Devices: Architectures and Supply Channels Overview. http://energy.sandia.gov/wp-content/gallery/uploads/JCSW_Report_Final.pdf.
[25] Y. Li, Y. Cheng, V. Gligor, and A. Perrig. Establishing software-only root of trust on commodity systems: Facts and fiction. Cambridge International Workshop on Security Protocols, 2015.
[26] L. Martignoni, R. Paleari, and D. Bruschi. Conqueror: Tamper-proof code execution on legacy systems. DIMVA, 2010.
[27] J. M. McCune, B. J. Parno, A. Perrig, M. K. Reiter, and H. Isozaki. Flicker: An Execution Infrastructure for TCB Minimization. Eurosys, 2008.
[28] A. McDiarmid. ARM immediate value encoding. http://alisdair.mcdiarmid.org/arm-immediate-value-encoding/, 2014.
[29] Moxa. EDS-205/EDS-208 Series. http://www.moxa.com/product/EDS-208205.htm.
[30] NXP. Lpc 1756. www.nxp.com/documents/data_sheet/LPC1759_58_56_54_52_51.pdf.
[31] NXP. Lpc 2292. www.nxp.com/documents/data_sheet/LPC2292_2294.pdf.
[32] D. Peck and D. Peterson. Leveraging ethernet card vulnerabilities in field devices. In SCADA Security Scientific Symposium, 2009.
[33] Adrian Perrig and Leendert van Doorn. Refutation of "on the difficulty of software-based attestation of embedded devices", April 2010.
[34] A. Seshadri, M. Luk, A. Perrig, L. Van Doorn, and P. Khosla. Using FIRE and ICE for detecting and recovering compromised nodes in sensor networks. Technical report, Carnegie Mellon University, December 2004.
[35] A. Seshadri, M. Luk, A. Perrig, L. van Doorn, and P. Khosla. Scuba: Secure code update by attestation in sensor networks. WiSe, 2006.
[36] A. Seshadri, M. Luk, E. Shi, A. Perrig, L. van Doorn, and P. Khosla. Pioneer: Verifying code integrity and enforcing untampered code execution on legacy systems. SOSP, 2005.
[37] A. Seshadri, A. Perrig, L. van Doorn, and P. Khosla. SWATT: software-based attestation for embedded devices. IEEE S&P, 2004.
[38] A. Shah, A. Perrig, and B. Sinopoli. Mechanisms to Provide Integrity in SCADA and PCS devices. CPS-CA, 2008.
[39] R. Spenneberg, M. Bruggemann, and H. Schwartke. PLC-blaster: A worm living solely in the PLC. In Black Hat Asia, 2016.
[40] P. Traynor, K. Butler, W. Enck, P. McDaniel, and K. Borders. Malnets: Large-scale malicious networks via compromised wireless access points. 3(2-3):102-113, 2010.
[41] WIZnet. http://www.wiznet.co.kr/product-item/w5100/.

Published In

ACSAC '17: Proceedings of the 33rd Annual Computer Security Applications Conference
December 2017
618 pages
ISBN: 9781450353458
DOI: 10.1145/3134600
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. ARM Processors
  2. Software-based attestation
  3. industrial control devices
  4. memory stride

Qualifiers

  • Research-article
  • Research
  • Refereed limited

Conference

ACSAC 2017

Acceptance Rates

Overall Acceptance Rate 104 of 497 submissions, 21%

Article Metrics

  • Downloads (Last 12 months): 14
  • Downloads (Last 6 weeks): 2
Reflects downloads up to 01 Nov 2024

Cited By

  • (2024) On Practicality of Using ARM TrustZone Trusted Execution Environment for Securing Programmable Logic Controllers. Proceedings of the 19th ACM Asia Conference on Computer and Communications Security, pp. 947-961. DOI: 10.1145/3634737.3645002. Online publication date: 1-Jul-2024
  • (2024) Exposing Hidden Attackers in Industrial Control Systems Using Micro-Distortions. IEEE Transactions on Smart Grid 15:2, pp. 2089-2101. DOI: 10.1109/TSG.2023.3300710. Online publication date: Mar-2024
  • (2024) One for All and All for One: GNN-based Control-Flow Attestation for Embedded Devices. 2024 IEEE Symposium on Security and Privacy (SP), pp. 3346-3364. DOI: 10.1109/SP54263.2024.00251. Online publication date: 19-May-2024
  • (2023) DNAttest: Digital-twin-based Non-intrusive Attestation under Transient Uncertainty. 2023 53rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), pp. 376-388. DOI: 10.1109/DSN58367.2023.00044. Online publication date: Jun-2023
  • (2022) PRoM: Passive Remote Attestation Against Roving Malware in Multicore IoT Devices. IEEE Systems Journal 16:1, pp. 789-800. DOI: 10.1109/JSYST.2021.3066437. Online publication date: Mar-2022
  • (2022) Machine-Learning-Based Attestation for the Internet of Things Using Memory Traces. IEEE Internet of Things Journal 9:20, pp. 20431-20443. DOI: 10.1109/JIOT.2022.3176530. Online publication date: 15-Oct-2022
  • (2021) Distort to Detect, not Affect: Detecting Stealthy Sensor Attacks with Micro-distortion. 2021 IEEE International Conference on Communications, Control, and Computing Technologies for Smart Grids (SmartGridComm), pp. 412-418. DOI: 10.1109/SmartGridComm51999.2021.9632311. Online publication date: 25-Oct-2021
  • (2021) Opportunities and Challenges in Securing Critical Infrastructures Through Cryptography. IEEE Security & Privacy 19:5, pp. 57-65. DOI: 10.1109/MSEC.2021.3090022. Online publication date: Sep-2021
  • (2021) A Taxonomy and Review of Remote Attestation Schemes in Embedded Systems. IEEE Access 9, pp. 142390-142410. DOI: 10.1109/ACCESS.2021.3119220. Online publication date: 2021
  • (2021) Attestation Waves: Platform Trust via Remote Power Analysis. Cryptology and Network Security, pp. 460-482. DOI: 10.1007/978-3-030-92548-2_24. Online publication date: 13-Dec-2021
