Remote Attestation of Bare-Metal Microprocessor Software: A Formally Verified Security Monitor

Part of the Communications in Computer and Information Science book series (CCIS, volume 1479)

Abstract

Remote attestation is a protocol by which a verifier checks that software running on a remote device satisfies security properties, allowing a dynamic root of trust to be established. Modern architectures for remote attestation combine signature or MAC primitives with hardware monitors that enforce the confidentiality of the attestation secret.

Our work is based on a verified hardware/software co-design for remote attestation, VRASED. Its proof is established using formal methods and it is implemented on a simple embedded device built around a single-core microcontroller. A heavy modification of the core, along with a hardware monitor, enforces the security properties.

We propose to extend this method to microprocessors where cores cannot be modified. In this paper, we tackle this problem with support from the microprocessor’s debug interface and demonstrate that the same security properties also hold.
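The MAC-based challenge-response exchange the abstract refers to, as an added illustration that is not code from the paper or from VRASED: the verifier sends a fresh nonce, the prover computes an HMAC over the nonce and the attested memory region with a key shared at provisioning, and the verifier recomputes the MAC over the expected firmware image. The firmware bytes, key and class names are constructed for this example. What the code cannot show is the part the paper is about: on a real device the key and the `attest` routine must sit behind a hardware monitor so that untrusted software cannot read the key, skip the measurement or interrupt it midway; here that isolation is only assumed.

```python
import hashlib
import hmac
import secrets

# Constructed sample values (placeholders, not from the paper): the firmware
# image the verifier expects in the attested region, and the symmetric key
# shared between verifier and device at provisioning time.
EXPECTED_FIRMWARE = b"constructed-firmware-image-v1"
SHARED_KEY = b"constructed-32-byte-key-0123456789ab"


class Prover:
    """Device side of the protocol.

    In a hardware-rooted design the key and this routine are protected by a
    hardware monitor (key confidentiality, atomic execution, no leakage via
    memory or registers). This simulation provides none of that; it only shows
    the data flow of the MAC-based exchange.
    """

    def __init__(self, key: bytes, memory: bytes) -> None:
        self._key = key
        self.memory = bytearray(memory)  # the attested memory region

    def attest(self, nonce: bytes) -> bytes:
        # MAC over nonce || memory: the nonce prevents replay of an old
        # answer, the memory content binds the answer to current device state.
        mac = hmac.new(self._key, digestmod=hashlib.sha256)
        mac.update(nonce)
        mac.update(bytes(self.memory))
        return mac.digest()


class Verifier:
    """Remote verifier holding the same key and the reference firmware image."""

    def __init__(self, key: bytes, expected_memory: bytes) -> None:
        self._key = key
        self._expected = expected_memory
        self._nonce: bytes | None = None

    def challenge(self) -> bytes:
        # A fresh, unpredictable nonce per attestation round.
        self._nonce = secrets.token_bytes(32)
        return self._nonce

    def verify(self, response: bytes) -> bool:
        if self._nonce is None:
            return False  # no outstanding challenge, nothing to compare against
        expected = hmac.new(self._key, digestmod=hashlib.sha256)
        expected.update(self._nonce)
        expected.update(self._expected)
        # Constant-time comparison avoids leaking how many bytes matched.
        return hmac.compare_digest(expected.digest(), response)


def run_attestation(device_memory: bytes) -> bool:
    """One full round: challenge, device measurement, verification."""
    verifier = Verifier(SHARED_KEY, EXPECTED_FIRMWARE)
    prover = Prover(SHARED_KEY, device_memory)
    nonce = verifier.challenge()
    return verifier.verify(prover.attest(nonce))


def replay_is_rejected() -> bool:
    """A valid response recorded for one nonce must fail a later challenge."""
    verifier = Verifier(SHARED_KEY, EXPECTED_FIRMWARE)
    prover = Prover(SHARED_KEY, EXPECTED_FIRMWARE)
    recorded = prover.attest(verifier.challenge())
    verifier.challenge()  # a new round issues a new nonce
    return not verifier.verify(recorded)


if __name__ == "__main__":
    print("genuine firmware:", run_attestation(EXPECTED_FIRMWARE))
    print("modified firmware:", run_attestation(EXPECTED_FIRMWARE[:-1] + b"X"))
    print("replayed response rejected:", replay_is_rejected())
```

A single flipped byte in the attested region changes the MAC, so the verifier detects the modification without ever receiving the firmware itself; the nonce makes each answer single-use. Everything the software cannot enforce on its own, above all that the key never becomes readable to the code being attested, is exactly what the hardware monitor in VRASED and in this paper is verified to guarantee.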

Keywords

  • Remote attestation
  • Security
  • Formal verification
  • FPGA


Author information

Corresponding author

Correspondence to Jonathan Certes .

Copyright information

© 2021 Springer Nature Switzerland AG

About this paper

Cite this paper

Certes, J., Morgan, B. (2021). Remote Attestation of Bare-Metal Microprocessor Software: A Formally Verified Security Monitor. In: , et al. Database and Expert Systems Applications - DEXA 2021 Workshops. DEXA 2021. Communications in Computer and Information Science, vol 1479. Springer, Cham. https://doi.org/10.1007/978-3-030-87101-7_5

  • DOI: https://doi.org/10.1007/978-3-030-87101-7_5

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-87100-0

  • Online ISBN: 978-3-030-87101-7

  • eBook Packages: Computer Science, Computer Science (R0)