Remote Attestation of Kernel Integrity on Embedded Platforms

OData support
Supervisor:
Dr. Buttyán Levente
Department of Networked Systems and Services

The increasing number of Internet connected devices (Internet of Things, or IoT for short) attracted more and more attackers towards these devices in recent times. Attackers which gain access to these devices can change their configuration, which can result in unexpected behavior, or an unreliable device. These devices are often accessed remotely, in which case the device owner or service provider needs a way to assure the device's state and trustworthiness.

Remote attestation provides a method for a device to authenticate its state to a remote host. Multiple integrity measurement techniques can be used to remotely attest the hardware and software state, such as checking the hardware configuration, or verifying the integrity of the device's memory content. I designed and implemented a simple remote attestation protocol which uses hardware assisted security features that are present on many low-cost embedded devices. I used existing integrity verification methods to demonstrate the protocol's operation. In my work I focused on the integrity attestation of the kernel, which is the most important software component of the device.

Downloads

Please sign in to download the files of this thesis.