Towards Trustworthy and Secure Internet of Things Devices : Using hardware-assisted Trusted Execution and Automated Certification

Abstract: The advent of Trusted Execution Environments (TEEs) for IoT aligns with the reinforcement of IoT security through recent laws and regulations. A major part of IoT systems comprises of resource-constrained devices, with less margin in memory and computation capabilities to embed sophisticated security solutions. Hence, hardware-based TEEs provide resource-efficient remedies to known attack vectors with reduced software attack surface. In this dissertation, we identified challenges cropping up from the heterogeneity of the IoT infrastructure, that hindered the adoption of TEEs in resource-constrained IoT. We ultimately approach the security of IoT devices through automated certification with hardware-rooted assurance guarantees. The contributions of this dissertation are made through six research papers addressing these challenges. TEEs provide hardware-supported mechanisms to create secure areas to store sensitive data and execute critical software. However, the secure areas lack a secure way to communicate with the rest of the system. Moreover, once a software is placed in the secure areas, it becomes extremely difficult to detect and trace misbehaviour. To this end, we contribute frameworks that strengthen the functionality of TrustZone-M, which is ARM’s TEE designed for resource-constrained IoT. The addition of a secure communication channel in TrustZone-M enabled IoT devices guarantees confidentiality and integrity of shared data between the system applications and the secure areas even in case of a compromised OS. In addition, our contribution to the TrustZone-M secure areas to enable monitoring and blocking of malicious behaviour by applications, adds protection in the presence of untrusted third-party critical software.Secondly, we propose an automated digital certification of IoT devices by combining the Public Key Infrastructure standard authentication mechanisms with attributes of software assurance. The resultant process and the certificate is compliant with standards, bearing potential for seamless integration into existing and forthcoming IoT standards and incorporates assurance guarantees with minimal addition to the existing digital certificate.Lastly, we contribute a software update architecture based on well-vetted standards, proposing token-based access control. The architecture relies on a compact message encoding format to encode the software manifests, providing authorized updates while ensuring small code and message sizes suitable for resource-constrained IoT devices. The experimental evaluations of the proposed solutions in well-defined IoT use-cases, reveal the feasibility of their integration in existing devices with minimal effort. Furthermore, the performance analysis in each case, demonstrates execution overhead at par with system operations. The overall contribution of this dissertation advances the security of resource-constrained heterogeneous IoT devices, with substantial impact in the academic and industrial community. Since TrustZone-M and TPM 2.0 are in the preliminary stages of adoption in the IoT domain, these enhancements and contributions are well-timed for efficient integration, while looking forward to the effective pay-off in the near future.