
Demo webinar on Attestation Primitives

31/05/2023 @ 10:30 am – 12:30 pm

ASSURED CyberSecurity and Insider Threats: Towards Practical Solutions for Efficient and Scalable Attestation Capabilities

To design successful supply chain service management and various IoT applications comprising millions of autonomous cyber-physical systems, one has to cater to the security, trust and privacy requirements of all involved actors (i.e., smart connected edge and cloud devices). One key challenge in such complex systems is how to establish and manage trust, starting from bilateral interactions between two single system components and continuing as such systems get connected to ever larger entities.

But how can we make sound statements on the security properties of single systems and transfer this to statements on the security properties of hierarchical compositions of systems (“Systems-of-Systems” (SoS))?

In this direction, a plethora of research initiatives explore the integration of remote attestation mechanisms as a central building block for the trusted exchange of data as well as for secure device management. In a nutshell, remote attestation mechanisms operate on a network that comprises thousands of low-end (collaborating) edge devices that work together to support a safety-critical decision process based on measurements received from many deployed actuators. In this context, the underlying protocols should not only be able to handle all the messages originating from these devices; actuators also need to verify that all platforms from which they receive data are uncompromised (integrity), with the minimum possible performance impact.

Especially for the latter, one of the core challenges limiting the adoption of attestation mechanisms in embedded systems is the computational requirements of extracting the runtime configuration and execution behavior measurements of a system. While there has been a lot of work on memory introspection approaches enabling the real-time tracing of the control- and information-flow execution paths of a device’s codebase (needed for runtime attestation), these are still open to criticism: pure software-based techniques, while efficient, offer dubious security guarantees, and most hardware-based techniques are too costly for low-end embedded devices.

To address these issues, ASSURED invites you to its second webinar, which focuses on the novel ideas and methodologies it has researched for overcoming the obstacles that prevent the use of remote attestation in practice. Participants will be introduced to the highly efficient attestation schemes designed to target both the software and hardware layers of a device and to cover all phases of a device’s execution: from the trusted boot and integrity measurement of a CPS, enabling the generation of static, boot-time or load-time evidence of the correct configuration of the system’s components (Configuration Integrity Verification), to the runtime behavioral attestation of the safety-critical components of a system, providing strong guarantees on the correctness of the control- and information-flow properties and thus enhancing performance and scalability when composing secure systems from potentially insecure components. Especially for the latter, ASSURED will present its breakthrough in leveraging AI capabilities to enhance both the accuracy of control-flow attestation mechanisms and their resilience profile against Return-Oriented and Data-Oriented Programming attacks, thus providing enhanced operational assurance and bringing us closer to the overall goal of having a complete toolkit capable of deciding on the trustworthiness of remote platforms based on meaningful properties.

The webinar will be held remotely on Wednesday, May 31st between 10:00 – 12:30 CEST with the help of Ubitech and the Computer Science department of TU Darmstadt.

AGENDA

Dimitris Karras, UBITECH

This talk will provide an overview of the core activities that have been performed in the context of ASSURED towards the creation of advanced operational assurance mechanisms for securing complex service graph chains. Particular focus will be given to the entire architecture, listing the core pillars (remote attestation of properties, dynamic real-time risk assessment, and enforcement of self-learning adaptable policies) that have been investigated towards enabling an SoS to withstand even a prolonged siege by a pre-determined attacker with known or unknown capabilities, as the system can dynamically adapt to its security and safety state.

Slides available here.

Marco Chilese, Richard Mitev, Technical University of Darmstadt

This talk will provide the implementation details and underpinnings of ASSURED’s novel ML-assisted Control-Flow Attestation mechanism. Details will be presented on the type of classification techniques employed, the reasoning behind the design choices as well as results that showcase the efficiency and accuracy of such advanced schemes against both control and non-control attacks.

Slides available here.

Alexandros Sampanis, UBITECH

This talk will provide the implementation details of a novel attestation scheme that focuses on the verification of the correct configuration properties of a system. We will also present how to convert such schemes into privacy-friendly security tokens through the addition of zero-knowledge mechanisms.

Slides available here.

Stefanos Vasileiadis, UBITECH

In this talk, we will focus on the Direct Anonymous Attestation protocol and present its usage both as an enabler for privacy-preserving platform authentication and for secure identity management. Especially for the latter, we will showcase how the use of DAA primitives can enhance the security of a user’s/device’s wallet in managing all credentials and certificates by leveraging HW-based trust anchors.

Slides available here.