Verifiable Firmware Update Mechanisms for Embedded Systems


PIs: Ning Weng, Spyros Tragoudas
Type: New
Proposed Budget: $35,000
Phone: (618) 453-7645, (618) 453-7027
Email: nweng@siu.edu, spyros@engr.siu.edu

Abstract: Maintaining the integrity of embedded systems (ES) is critical but challenging. A key difficulty is that ES firmware is expected to be updated after deployment, and the update process itself is an opportunity to inject malicious code. The project will evaluate alternative designs for a secure update infrastructure in terms of their resilience against a range of threats and their infrastructure requirements. Candidate designs include, but are not limited to, authority-based (back-office server), ES-based (host-monitoring), and hybrid approaches. Evaluation criteria include observed resistance to well-known attacks, system complexity, hardware cost, power usage, and administrative overhead. The evaluation will include analysis on a real platform.

Problem: A secure infrastructure is required so that authorized entities can verify that a remote ES in an untrusted zone has not been tampered with during a firmware update. This infrastructure must authenticate legitimate users, attest code integrity, and deliver the result to the designated authorized entity.

Rationale / Approach: Post-deployment software updates give an attacker an avenue for subverting an embedded system. Major and minor updates are becoming more frequent, so authorized entities must be able to verify that programs running on remote, untrusted devices have not been tampered with by malicious users. The project will explore and evaluate candidate firmware update mechanisms, in particular authority-based and host-monitoring designs.
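To make the two roles concrete, the following added example (illustrative code written for this page, not part of the proposal or of any project deliverable) sketches a minimal verifiable update flow: the authority packages and authenticates a firmware image with a version number, the device verifies the package and refuses rollback before installing anything, and the device then attests the hash of what it runs against a fresh nonce from the authority. It uses symmetric HMAC-SHA256 keys and a constructed firmware image and key values purely as stand-ins; a real design would substitute its own key provisioning, signature scheme and transport, and would add user authentication and a secure-boot anchor for the device-side checks.

```python
"""Minimal verifiable firmware-update flow (added illustration, not the proposal's code).
Authority side: build_update / check_attestation.  Device side: verify_update / attest.
Keys, firmware image and nonces below are constructed for the demo."""
import hashlib
import hmac
import os
import struct

MAGIC = b"FWUP"
HDR = struct.Struct(">4sII")   # magic, version, firmware length (big-endian)
TAG_LEN = 32                   # HMAC-SHA256 tag size
DIGEST_LEN = 32


def build_update(firmware: bytes, version: int, update_key: bytes) -> bytes:
    """Authority: package = header || firmware || HMAC(header || firmware)."""
    body = HDR.pack(MAGIC, version, len(firmware)) + firmware
    tag = hmac.new(update_key, body, hashlib.sha256).digest()
    return body + tag


def verify_update(package: bytes, update_key: bytes, current_version: int):
    """Device: returns (ok, reason, firmware_or_None).
    Nothing would be written to flash unless every check passes."""
    if len(package) < HDR.size + TAG_LEN:
        return False, "truncated package", None
    body, tag = package[:-TAG_LEN], package[-TAG_LEN:]
    expected = hmac.new(update_key, body, hashlib.sha256).digest()
    # Authenticate first, in constant time, before trusting any header field
    if not hmac.compare_digest(tag, expected):
        return False, "bad tag", None
    magic, version, length = HDR.unpack_from(body)
    if magic != MAGIC or length != len(body) - HDR.size:
        return False, "malformed header", None
    if version <= current_version:  # anti-rollback: never accept an older image
        return False, "rollback to version %d refused" % version, None
    return True, "ok", body[HDR.size:]


def attest(installed_firmware: bytes, nonce: bytes, device_key: bytes) -> bytes:
    """Device (host-monitoring): report H(firmware) bound to the authority's nonce."""
    digest = hashlib.sha256(installed_firmware).digest()
    mac = hmac.new(device_key, nonce + digest, hashlib.sha256).digest()
    return digest + mac


def check_attestation(report: bytes, nonce: bytes, expected_digest: bytes,
                      device_key: bytes) -> bool:
    """Authority: accept only a fresh report that carries the expected measurement."""
    if len(report) != DIGEST_LEN + TAG_LEN:
        return False
    digest, mac = report[:DIGEST_LEN], report[DIGEST_LEN:]
    expected_mac = hmac.new(device_key, nonce + digest, hashlib.sha256).digest()
    return (hmac.compare_digest(mac, expected_mac)
            and hmac.compare_digest(digest, expected_digest))


def demo() -> dict:
    """Runs the honest flow plus a tampered package, a rollback and a replayed report."""
    update_key = b"\x11" * 32   # constructed demo keys
    device_key = b"\x22" * 32
    fw_v2 = b"firmware image v2 (constructed sample)"
    pkg = build_update(fw_v2, 2, update_key)

    ok, _, installed = verify_update(pkg, update_key, current_version=1)
    tampered = bytearray(pkg)
    tampered[HDR.size] ^= 0x01   # flip one bit of the firmware payload
    tampered_ok, tampered_reason, _ = verify_update(bytes(tampered), update_key, 1)
    rollback_ok, rollback_reason, _ = verify_update(pkg, update_key, current_version=2)

    nonce = os.urandom(16)
    report = attest(installed, nonce, device_key)
    expected = hashlib.sha256(fw_v2).digest()
    fresh = check_attestation(report, nonce, expected, device_key)
    replayed = check_attestation(report, os.urandom(16), expected, device_key)
    return {"install_ok": ok, "installed": installed,
            "tampered_ok": tampered_ok, "tampered_reason": tampered_reason,
            "rollback_ok": rollback_ok, "rollback_reason": rollback_reason,
            "attestation_fresh": fresh, "attestation_replayed": replayed}


if __name__ == "__main__":
    for k, v in demo().items():
        print(k, v)
```

The update tag is checked before any header field is parsed, so a corrupted or forged package never influences control flow; the version check makes a signed-but-old image useless to an attacker; and binding the attestation to a nonce is what stops a compromised device from replaying an earlier honest report. These are exactly the properties the authority-based and host-monitoring designs must each provide, in whatever concrete form the evaluation settles on.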

Novelty: An end-to-end integrity verification mechanism, and a tradeoff analysis of authority-based versus host-based solutions.

Potential Member Company Benefits: Improved understanding of the total infrastructure costs and benefits of access control systems that employ trusted platform modules or hardware dongles.

Deliverables for the proposed year:
· Description of authority-based and host-based verification mechanisms
· Understanding of the tradeoffs among the mechanisms in terms of infrastructure cost
· Final recommendation

Milestones for the proposed year:
Q1 – Review adversary attack methods and verification mechanism specification
Q2 – Authority-based solution
Q3 – Host-based solution, acquire candidate systems for platform evaluation
Q4 – Prepare final report