More Like this

1. SIA: Secure Intermittent Architecture for Off-the-Shelf Resource-Constrained Microcontrollers

   Dinu, Daniel; Krishan, Archanaa; Schaumont, Patrick (May 2019, IEEE International Symposium on Hardware Oriented Security and Trust (HOST))

   Recent advancements in energy-harvesting techniques provide an alternative to batteries for resource-constrained IoT devices and lead to a new computing paradigm, the intermittent computing model. In this model, a software module continues its execution from where it left off when an energy shortage occurred. Enforcing security of an intermittent software module is challenging because its power-off state has to be protected from a malicious adversary in addition to its power-on state, while the security mechanisms put in place must have a low overhead on the performance, resource consumption, and cost of a device. In this paper, we propose SIA (Secure Intermittent Architecture), a security architecture for resource-constrained IoT devices. SIA leverages low-cost security features available in commercial off-the-shelf microcontrollers to protect both the power-on and power-off state of an intermittent software module. Therefore, SIA enables a host of secure intermittent computing applications such as self-attestation, remote attestation, and secure communication. Moreover, our architecture provides confidentiality and integrity guarantees to an intermittent computing module at no cost compared to previous approaches in the literature that impose significant overheads. The salient characteristic of SIA is that it does not require any hardware modifications, and hence, it can be directly applied to existing IoT devices. We implemented and evaluated SIA on a resource-constrained IoT device based on an MSP430 processor. Besides being secure, SIA is simple and efficient. We confirm the feasibility of SIA for resource-constrained IoT devices with experimental results of several intermittent computing applications. Our prototype implementation outperforms by two to three orders of magnitude the secure intermittent computing solution of Suslowicz et al. presented at IGSC 2018. 

   more » « less
2. Developing Quantum Trusted Platform Module (QTPM) to Advance IoT Security

   https://doi.org/10.3390/fi17050193  

   Xu, Guobin; Adetifa, Oluwole; Mao, Jianzhou; Sakk, Eric; Wang, Shuangbao (May 2025, Future Internet)

   Randomness is integral to computer security, influencing fields such as cryptography and machine learning. In the context of cybersecurity, particularly for the Internet of Things (IoT), high levels of randomness are essential to secure cryptographic protocols. Quantum computing introduces significant risks to traditional encryption methods. To address these challenges, we propose investigating a quantum-safe solution for IoT-trusted computing. Specifically, we implement the first lightweight, practical integration of a quantum random number generator (QRNG) with a software-based trusted platform module (TPM) to create a deployable quantum trusted platform module (QTPM) prototype for IoT systems to improve cryptographic capabilities. The proposed quantum entropy as a service (QEaaS) framework further extends quantum entropy access to legacy and resource-constrained devices. Through the evaluation, we compare the performance of QRNG with traditional Pseudo-random Number Generators (PRNGs), demonstrating the effectiveness of the quantum TPM. Our paper highlights the transformative potential of integrating quantum technology to bolster IoT security. 

   more » « less
3. Secure Application Continuity in Intermittent Systems

   Suslowicz, Charles; Krishnan, Archanaa; Dinu, Daniel; Schaumont, Patrick (October 2018, 9th International Green and Sustainable Computing Conference (IGSC18))

   Intermittent systems operate embedded devices without a source of constant reliable power, relying instead on an unreliable source such as an energy harvester. They overcome the limitation of intermittent power by retaining and restoring system state as checkpoints across periods of power loss. Previous works have addressed a multitude of problems created by the intermittent paradigm, but do not consider securing intermittent systems. In this paper, we address the security concerns created through the introduction of checkpoints to an embedded device. When the non-volatile memory that holds checkpoints can be tampered, the checkpoints can be replayed or duplicated. We propose secure application continuity as a defense against these attacks. Secure application continuity provides assurance that an application continues where it left off upon power loss. In our secure continuity solution, we define a protocol that adds integrity, authenticity, and freshness to checkpoints. We develop two solutions for our secure checkpointing design. The first solution uses a hardware accelerated implementation of AES, while the second one is based on a software implementation of a lightweight cryptographic algorithm, Chaskey. We analyze the feasibility and overhead of these designs in terms of energy consumption, execution time, and code size across several application configurations. Then, we compare this overhead to a non-secure checkpointing system. We conclude that securing application continuity does not come cheap and that it increases the overhead of checkpoint restoration from 3.79 μJ to 42.96 μJ with the hardware accelerated solution and 57.02 μJ with the software based solution. To our knowledge, no one has yet considered the cost to provide security guarantees for intermittent operations. Our work provides future developers with an empirical evaluation of this cost, and with a problem statement for future research in this area. 

   more » « less
4. Attacks on Continuous Chaos Communication and Remedies for Resource Limited Devices

   https://doi.org/10.1109/isqed57927.2023.10129355  

   Vishwakarma, Rahul; Monani, Ravi; Rezaei, Amin; Sayadi, Hossein; Aliasgari, Mehrdad; Hedayatipour, Ava (April 2023, 2023 24th International Symposium on Quality Electronic Design (ISQED))

   The Global Wearable market is anticipated to rise at a considerable rate in the next coming years and communication is a fundamental block in any wearable device. In communication, encryption methods are being used with the aid of microcontrollers or software implementations, which are power-consuming and incorporate complex hardware implementation. Internet of Things (IoT) devices are considered as resource-constrained devices that are expected to operate with low computational power and resource utilization criteria. At the same time, recent research has shown that IoT devices are highly vulnerable to emerging security threats, which elevates the need for low-power and small-size hardware-based security countermeasures. Chaotic encryption is a method of data encryption that utilizes chaotic systems and non-linear dynamics to generate secure encryption keys. It aims to provide high-level security by creating encryption keys that are sensitive to initial conditions and difficult to predict, making it challenging for unauthorized parties to intercept and decode encrypted data. Since the discovery of chaotic equations, there have been various encryption applications associated with them. In this paper, we comprehensively analyze the physical and encryption attacks on continuous chaotic systems in resource-constrained devices and their potential remedies. To this aim, we introduce different categories of attacks of chaotic encryption. Our experiments focus on chaotic equations implemented using Chua’s equation and leverages circuit architectures and provide simulations proof of remedies for different attacks. These remedies are provided to block the attackers from stealing users’ information (e.g., a pulse message) with negligible cost to the power and area of the design. 

   more » « less
5. On Runtime Software Security of TrustZone-M Based IoT Devices

   https://doi.org/10.1109/GLOBECOM42002.2020.9322370  

   Luo, Lan; Zhang, Yue; Zou, Cliff; Shao, Xinhui; Ling, Zhen; Fu, Xinwen (December 2020, GLOBECOM 2020 - 2020 IEEE Global Communications Conference)

   null (Ed.)

   Internet of Things (IoT) devices have been increasingly integrated into our daily life. However, such smart devices suffer a broad attack surface. Particularly, attacks targeting the device software at runtime are challenging to defend against if IoT devices use resource-constrained microcontrollers (MCUs). TrustZone-M, a TrustZone extension for MCUs, is an emerging security technique fortifying MCU based IoT devices. This paper presents the first security analysis of potential software security issues in TrustZone-M enabled MCUs. We explore the stack-based buffer overflow (BOF) attack for code injection, return-oriented programming (ROP) attack, heap-based BOF attack, format string attack, and attacks against Non-secure Callable (NSC) functions in the context of TrustZone-M. We validate these attacks using the Microchip SAM L11 MCU, which uses the ARM Cortex-M23 processor with the TrustZone-M technology. Strategies to mitigate these software attacks are also discussed. 

   more » « less