“N. Asokan, Ferdinand Brasser, Ahmad Ibrahim, Ahmad-Reza Sadeghi, Matthias Schunter, Gene Tsudik, Christian Wachsmann
SEDA: Scalable Embedded Device Attestation; In: 22nd ACM Conference on Computer and Communications Security (CCS), October 2015.
Abstract
Today, large numbers of smart interconnected devices provide safety and security
critical services for energy grids, industrial control systems, gas and oil search robots, home/office automation,
transportation, and critical infrastructure. These devices often operate in swarms — large,
dynamic, and self-organizing networks. Software integrity verification of device swarms is
necessary to ensure their correct and safe operation as well as to protect them against attacks.
However, current device attestation schemes assume a single prover device and do not scale to swarms.
We present SEDA, the first attestation scheme % to verify software integrity of
for device swarms. We introduce a formal security model for swarm attestation and show security of our approach in this model.
We demonstrate two proof-of-concept implementations based on two recent (remote) attestation architectures
for embedded systems, including an Intel research platform. We assess performance of SEDA
based on these implementations and simulations of large swarms. SEDA can efficiently attest swarms with dynamic and static topologies common in automotive, avionic, industrial control and critical infrastructures settings.
[gview file=”https://www.schunter.org/blog/wp-content/uploads/2015/08/ccsfp391-1.pdf”]