A Proposal for Security Assessment of Trustzone-M based Software

Iannillo, Antonio Ken; State, Radu

Request a copy

Paper published in a book (Scientific congresses, symposiums and conference proceedings)

A Proposal for Security Assessment of Trustzone-M based Software

Iannillo, Antonio Ken; State, Radu

2019 • In 2019 IEEE 30th International Symposium on Software Reliability Engineering (ISSRE)

Peer reviewed

Permalink
https://hdl.handle.net/10993/40975

Files (1)Send to Details Statistics Bibliography Similar publications

Files

Full Text

Iannillo_ISSRE2019.pdf

Author preprint (93.66 kB)

Request a copy

All documents in ORBilu are protected by a user license.

Send to

RIS BibTex APA Chicago Permalink X Linkedin

Details

Keywords :

IoT; Security; Assessment; Trustzone-M

Abstract :

[en] With the advent of the Internet of Things (IoT) paradigm, computing and networking capabilities are extending to devices that are not considered as computers, enabling them to interact with the physical world or other software entities with minimal or no human input. This fast abstract proposes a methodology for the security assessment of software based on TrustZone-M, the ARM hardware security extension for microcontrollers. The methodology consists of the exploitation of a veriﬁcation and validation framework to automatically test TrustZone-M based software.

Disciplines :

Computer science

Author, co-author :

Iannillo, Antonio Ken ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)

State, Radu ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)

External co-authors :

Language :

English

Title :

A Proposal for Security Assessment of Trustzone-M based Software

Publication date :

2019

Event name :

2019 IEEE 30th International Symposium on Software Reliability Engineering (ISSRE)

Event date :

from 28-10-2019 to 31-10-2019

Main work title :

2019 IEEE 30th International Symposium on Software Reliability Engineering (ISSRE)

Peer reviewed :

Peer reviewed

Focus Area :

Security, Reliability and Trust

European Projects :

H2020 - 830927 - CONCORDIA - Cyber security cOmpeteNCe fOr Research anD InnovAtion

Funders :

CE - Commission Européenne [BE]

Available on ORBilu :

since 18 November 2019

Statistics

Number of views

166 (17 by Unilu)

Number of downloads

3 (0 by Unilu)

More statistics

Scopus citations^®

Scopus citations^®
without self-citations

Bibliography

T. Alves, "Trustzone: Integrated hardware and software security, " White paper, 2004.
A. ARM, "Security technology building a secure system using trustzone technology (white paper), " ARM Limited, 2009.
P. Sparks, "The route to a trillion devices, " White Paper, ARM, 2017.
TrustZone technology for ARMv8-M Atchitecture, ARM, 2017.
A. Machiry, E. Gustafson, C. Spensky, C. Salls, N. Stephens, R. Wang, A. Bianchi, Y. R. Choe, C. Kruegel, and G. Vigna, "BOOMERANG: Exploiting the Semantic Gap in Trusted Execution Environments, " in Proceedings 2017 Network and Distributed System Security Symposium, 2017.
D. Rosenberg, "QSEE TrustZone Kernel Integer Overflow Vulnerability, " Tech. Rep., 2014.
T. Nyman, J.-E. Ekberg, L. Davi, and N. Asokan, "Cfi care: Hardwaresupported call and return enforcement for commercial microcontrollers, " in International Symposium on Research in Attacks, Intrusions, and Defenses. Springer, 2017, pp. 259-284.
N. Asokan, T. Nyman, N. Rattanavipanon, A.-R. Sadeghi, and G. Tsudik, "Assured: Architecture for secure software update of realistic embedded devices, " IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems, vol. 37, no. 11, pp. 2290-2300, 2018.