a security architecture for tiny embedded devices

Patrick Koeberl, Steffen Schulz, Ahmad-Reza Sadeghi, Vijay Varadharajan

Research output: Chapter in Book/Report/Conference proceedingConference proceeding contribution

143 Citations (Scopus)


Embedded systems are increasingly pervasive, interdependent and in many cases critical to our every day life and safety. Tiny devices that cannot afford sophisticated hardware security mechanisms are embedded in complex control infrastructures, medical support systems and entertainment products [51]. As such devices are increasingly subject to attacks, new hardware protection mechanisms are needed to provide the required resilience and dependency at low cost. In this work, we present the TrustLite security architecture for flexible, hardware-enforced isolation of software modules. We describe mechanisms for secure exception handling and communication between protected modules, enabling seamless interoperability with untrusted operating systems and tasks. TrustLite scales from providing a simple protected firmware runtime to advanced functionality such as attestation and trusted execution of userspace tasks. Our FPGA prototype shows that these capabilities are achievable even on low-cost embedded systems.

Original languageEnglish
Title of host publicationProceedings of the 9th European Conference on Computer Systems, EuroSys 2014
Place of PublicationNew York
PublisherAssociation for Computing Machinery
Number of pages14
ISBN (Print)9781450327046
Publication statusPublished - 2014
Event9th ACM European Conference on Computer Systems, EuroSys 2014 - Amsterdam, Netherlands
Duration: 14 Apr 201416 Apr 2014


Other9th ACM European Conference on Computer Systems, EuroSys 2014

Fingerprint Dive into the research topics of 'TrustLite: a security architecture for tiny embedded devices'. Together they form a unique fingerprint.

Cite this