Practical Analysis Framework for Software-Based Attestation Scheme

  • Li Li
  • Hong Hu
  • Jun Sun
  • Yang Liu
  • Jin Song Dong
Conference paper

DOI: 10.1007/978-3-319-11737-9_19

Part of the Lecture Notes in Computer Science book series (LNCS, volume 8829)
Cite this paper as:
Li L., Hu H., Sun J., Liu Y., Dong J.S. (2014) Practical Analysis Framework for Software-Based Attestation Scheme. In: Merz S., Pang J. (eds) Formal Methods and Software Engineering. ICFEM 2014. Lecture Notes in Computer Science, vol 8829. Springer, Cham

Abstract

An increasing number of ”smart” embedded devices are employed in our living environment nowadays. Unlike traditional computer systems, these devices are often physically accessible to the attackers. It is therefore almost impossible to guarantee that they are un-compromised, i.e., that indeed the devices are executing the intended software. In such a context, software-based attestation is deemed as a promising solution to validate their software integrity. It guarantees that the software running on the embedded devices are un-compromised without any hardware support. However, designing software-based attestation protocols are shown to be error-prone. In this work, we develop a framework for design and analysis of software-based attestation protocols. We first propose a generic attestation scheme that captures most existing software-based attestation protocols. After formalizing the security criteria for the generic scheme, we apply our analysis framework to several well-known software-based attestation protocols and report various potential vulnerabilities. To the best of our knowledge, this is the first practical analysis framework for software-based attestation protocols.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  • Li Li
    • 1
  • Hong Hu
    • 1
  • Jun Sun
    • 2
  • Yang Liu
    • 3
  • Jin Song Dong
    • 1
  1. 1.National University of SingaporeSingapore
  2. 2.Singapore University of Technology and DesignSingapore
  3. 3.Nanyang Technological UniversitySingapore

Personalised recommendations