Abstract
Embedded systems are increasingly pervasive, interdependent and in many cases critical to our every day life and safety. Tiny devices that cannot afford sophisticated hardware security mechanisms are embedded in complex control infrastructures, medical support systems and entertainment products [51]. As such devices are increasingly subject to attacks, new hardware protection mechanisms are needed to provide the required resilience and dependency at low cost. In this work, we present the TrustLite security architecture for flexible, hardware-enforced isolation of software modules. We describe mechanisms for secure exception handling and communication between protected modules, enabling seamless interoperability with untrusted operating systems and tasks. TrustLite scales from providing a simple protected firmware runtime to advanced functionality such as attestation and trusted execution of userspace tasks. Our FPGA prototype shows that these capabilities are achievable even on low-cost embedded systems.
| Original language | English |
|---|---|
| Title of host publication | Proceedings of the 9th European Conference on Computer Systems, EuroSys 2014 |
| Place of Publication | New York |
| Publisher | Association for Computing Machinery |
| Pages | 1-14 |
| Number of pages | 14 |
| ISBN (Print) | 9781450327046 |
| DOIs | |
| Publication status | Published - 2014 |
| Event | 9th ACM European Conference on Computer Systems, EuroSys 2014 - Amsterdam, Netherlands Duration: 14 Apr 2014 → 16 Apr 2014 |
Other
| Other | 9th ACM European Conference on Computer Systems, EuroSys 2014 |
|---|---|
| Country/Territory | Netherlands |
| City | Amsterdam |
| Period | 14/04/14 → 16/04/14 |