Measured Firmware Deployment for Embedded Microcontroller Platforms

Samuel Weiser, Ronald Toegl, Johannes Winter

2014

Abstract

While Embedded Systems are small hardware systems, much added value is often created through the inclusion of specialized firmware. One specific challenge is the secure distribution and update of application specific software. Using a Trusted Platform Module we implement measured firmware updates on a low resource embedded micro-controller platform. We show that it is feasible to ensure both, confidentiality of the update and authenticity of the device for which the update was intended. Furthermore a Trusted Boot mechanism enforces integrity checks during startup to detect malicious code before it is executed. While recent literature focuses on high-performance micro-controller systems or FPGA platforms, our proof-of-concept only requires an 8-bit low-cost off-the-shelf micro-controller.

References

  1. Atmel (2012). 8-bit atmel xmega au manual, revision f.
  2. Atmel (2013). Atmel software framework.
  3. Chen, L., Landfermann, R., L öhr, H., Rohe, M., Sadeghi, A.-R., and Stüble, C. (2006). A protocol for propertybased attestation. In Proceedings of the First ACM Workshop on Scalable Trusted Computing, STC 7806, pages 7-16, New York, NY, USA. ACM.
  4. Feller, T., Malipatlolla, S., Meister, D., and Huss, S. (2011). Tinytpm: A lightweight module aimed to ip protection and trusted embedded platforms. In 2011 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST), pages 6-11.
  5. Global Industry Analysts Inc. (2013). Embedded Systems: Market Research Report. http://marketpublishers.com/.
  6. Hendricks, J. and van Doorn, L. (2004). Secure bootstrap is not enough: shoring up the trusted computing base. In Proceedings of the 11th workshop on ACM SIGOPS European workshop. ACM.
  7. Hwang, D., Schaumont, P., Tiri, K., and Verbauwhede, I. (2006). Securing embedded systems. Security Privacy, IEEE, 4(2):40-49.
  8. Kizhvatov, I. (2009). Side channel analysis of avr xmega crypto engine. In Proceedings of the 4th Workshop on Embedded Systems Security, WESS 7809, pages 8:1- 8:7. ACM.
  9. Koopman, P. (2004). Embedded system security. Computer, 37(7):95-97.
  10. Larbig, P., Kuntze, N., Rudolph, C., and Fuchs, A. (2013). On the integration of harware-based trust in embedded devices. Konferenz für ARM-Systementwicklung.
  11. Mueller, T. (2008). Trusted Computing Systeme. Springer.
  12. NXP semiconductors (2012). I2C-bus specification and user manual. Available online at: http://www.nxp.com/documents/user manual/ UM10204.pdf.
  13. Papa, S., Casper, W., and Nair, S. (2011). Placement of trust anchors in embedded computer systems. In 2011 IEEE International Symposium on HardwareOriented Security and Trust (HOST), pages 111-116.
  14. Pirker, M., Winter, J., and Toegl, R. (2012). Lightweight distributed attestation for the cloud. In Proceedings of the 2nd International Conference on Cloud Computing and Services Science (CLOSER), pages 580 - 585. SciTePress.
  15. Ravi, S., Raghunathan, A., Kocher, P., and Hattangady, S. (2004). Security in embedded systems: Design challenges. ACM Trans. Embed. Comput. Syst., 3(3):461- 491.
  16. TCG (2011). Part 3 - commands. In TPM Main Specification Level 2 Version 1.2, Revision 103.
  17. TCG (2013a). Part 1 - architecture. In Trusted Platform Module Library Specification, Family 2.0, Level 00, Revision 00.96.
  18. TCG (2013b). Part 3 - commands. In Trusted Platform Module Library Specification, Family 2.0, Level 00, Revision 00.96.
  19. Toegl, R., Hofferek, G., Greimel, K., Leung, A., Phan, R.- W., and Bloem, R. (2008). Formal analysis of a TPMbased secrets distribution and storage scheme. In Proceedings TRUSTCOM 2008, in: Young Computer Scientists, 2008. ICYCS 2008. The 9th International Conference for, pages 2289-2294.
  20. Trusted Computing Group (2011). TCG PC Client Specific TPM Interface Specification (TIS) specification version 1.21 revision 1.00. TCG Standard.
  21. Weiser, S. (2013). Trusted firmware on embedded microcontroller platforms. Bachelor Project Report, Graz University of Technology.
Download


Paper Citation


in Harvard Style

Weiser S., Toegl R. and Winter J. (2014). Measured Firmware Deployment for Embedded Microcontroller Platforms . In Proceedings of the 4th International Conference on Pervasive and Embedded Computing and Communication Systems - Volume 1: MeSeCCS, (PECCS 2014) ISBN 978-989-758-000-0, pages 237-246. DOI: 10.5220/0004877702370246


in Bibtex Style

@conference{meseccs14,
author={Samuel Weiser and Ronald Toegl and Johannes Winter},
title={Measured Firmware Deployment for Embedded Microcontroller Platforms},
booktitle={Proceedings of the 4th International Conference on Pervasive and Embedded Computing and Communication Systems - Volume 1: MeSeCCS, (PECCS 2014)},
year={2014},
pages={237-246},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0004877702370246},
isbn={978-989-758-000-0},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 4th International Conference on Pervasive and Embedded Computing and Communication Systems - Volume 1: MeSeCCS, (PECCS 2014)
TI - Measured Firmware Deployment for Embedded Microcontroller Platforms
SN - 978-989-758-000-0
AU - Weiser S.
AU - Toegl R.
AU - Winter J.
PY - 2014
SP - 237
EP - 246
DO - 10.5220/0004877702370246