Skip to Main content Skip to Navigation
Book sections

Remote attestation of bare-metal microprocessor software: a formally verified security monitor

Abstract : Remote attestation is a protocol to verify that a remote algorithm satisfies security properties, allowing to establish dynamic root of trust. Modern architectures for remote attestation combine signature or MAC primitives with hardware monitors to enforce secret confidentiality. Our works are based on a verified hardware/software co-design for remote attestation, VRASED. Its proof is established using formal methods and its implementation is conducted on a simple embedded device based on a single core microcontroller. A heavy modification of the core, along with a hardware monitor, enforces security properties. We propose to extend this method to microprocessors where cores cannot be modified. In this paper, we tackle this problem with support from the microprocessor's debug interface and demonstrate that the same security properties also hold.
Document type :
Book sections
Complete list of metadata

https://hal.archives-ouvertes.fr/hal-03576711
Contributor : Jonathan CERTES Connect in order to contact the contributor
Submitted on : Wednesday, February 16, 2022 - 11:22:18 AM
Last modification on : Monday, July 4, 2022 - 8:48:54 AM
Long-term archiving on: : Tuesday, May 17, 2022 - 6:30:02 PM

File

article.pdf
Files produced by the author(s)

Identifiers

Citation

Jonathan Certes, Benoît Morgan. Remote attestation of bare-metal microprocessor software: a formally verified security monitor. Database and Expert Systems Applications - DEXA 2021 Workshops: BIOKDD, IWCFS, MLKgraphs, AI-CARES, ProTime, AISys 2021, Virtual Event, September 27–30, 2021, Proceedings, 1479, Springer International Publishing, pp.42-51, 2021, Communications in Computer and Information Science book series (CCIS), 978-3-030-87100-0. ⟨10.1007/978-3-030-87101-7_5⟩. ⟨hal-03576711⟩

Share

Metrics

Record views

81

Files downloads

67