Trustworthy Runtime Verification on Resource-constrained Platforms
- John Clemens (Senior Professional Staff, Johns Hopkins University Applied Physics Lab)
- Branden Sherrell (Professional Staff, Johns Hopkins University Applied Physics Lab)
- Rajendranath Pal (Information Assurance Security Researcher, US Government, Dept of Defense)
Trust & Security
50-Minute Technical Session
Audience Level: All
Edge devices are critical and ubiquitous components of many cyber-physical systems, yet trustworthy runtime verification of software/firmware on these systems remains a challenge, because limited CPU, power, and memory resources require rethinking traditional approaches to security and isolation. In this talk we present IoTA, a reference framework for extensible and trustworthy runtime integrity verification on resource-constrained platforms. IoTA leverages Arm's Mbed OS and uVisor to sandbox applications, keys, and verifiers, using this isolation as a root of trust. We discuss the tradeoffs necessary to implement our system, compare it to similar frameworks targeting more capable systems, and discuss implementation challenges.
Trustworthy runtime verification of software/firmware on microcontrollers remains a challenge due to limited CPU, power, and memory resources. Our prototype, IoTA, provides a reference framework for trustworthy, extensible, and low-overhead runtime verification of firmware and applications. It leverages the isolation guarantees of Mbed OS and uVisor to extend trust throughout the platform.