Open Access iconOpen Access

ARTICLE

crossmark

SAPEM: Secure Attestation of Program Execution and Program Memory for IoT Applications

by Nafisa Ahmed1, Manar Abu Talib2,*, Qassim Nasir3

1 Research Institute of Science and Engineering, University of Sharjah, Sharjah, UAE
2 Department of Computer Science, University of Sharjah, Sharjah, UAE
3 Department of Electrical Engineering, University of Sharjah, Sharjah, UAE

* Corresponding Author: Manar Abu Talib. Email: email

(This article belongs to the Special Issue: Security Issues in Industrial Internet of Things)

Computers, Materials & Continua 2021, 67(1), 23-49. https://doi.org/10.32604/cmc.2021.014523

Abstract

Security is one of the major challenges that devices connected to the Internet of Things (IoT) face today. Remote attestation is used to measure these devices’ trustworthiness on the network by measuring the device platform’s integrity. Several software-based attestation mechanisms have been proposed, but none of them can detect runtime attacks. Although some researchers have attempted to tackle these attacks, the proposed techniques require additional secured hardware parts to be integrated with the attested devices to achieve their aim. These solutions are expensive and not suitable in many cases. This paper proposes a dual attestation process, SAPEM, with two phases: static and dynamic. The static attestation phase examines the program memory of the attested device. The dynamic program flow attestation examines the execution correctness of the application code. It can detect code injection and runtime attacks that hijack the control-flow, including data attacks that affect the program control-flow. The main aim is to minimize attestation overhead while maintaining our ability to detect the specified attacks. We validated SAPEM by implementing it on Raspberry Pi using its TrustZone extension. We attested it against the specified attacks and compared its performance with the related work in the literature. The results show that SAPEM significantly minimizes performance overhead while reliably detecting runtime attacks at the binary level.

Keywords


Cite This Article

APA Style
Ahmed, N., Talib, M.A., Nasir, Q. (2021). SAPEM: secure attestation of program execution and program memory for iot applications. Computers, Materials & Continua, 67(1), 23-49. https://doi.org/10.32604/cmc.2021.014523
Vancouver Style
Ahmed N, Talib MA, Nasir Q. SAPEM: secure attestation of program execution and program memory for iot applications. Comput Mater Contin. 2021;67(1):23-49 https://doi.org/10.32604/cmc.2021.014523
IEEE Style
N. Ahmed, M. A. Talib, and Q. Nasir, “SAPEM: Secure Attestation of Program Execution and Program Memory for IoT Applications,” Comput. Mater. Contin., vol. 67, no. 1, pp. 23-49, 2021. https://doi.org/10.32604/cmc.2021.014523



cc Copyright © 2021 The Author(s). Published by Tech Science Press.
This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
  • 2864

    View

  • 1897

    Download

  • 0

    Like

Share Link