Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

OAT - Attesting Operation Integrity of Embedded Devices

IEEE via YouTube

Overview

Explore a comprehensive IEEE conference talk on OAT (Operation Attestation), a novel system for attesting operation integrity of embedded devices in IoT/CPS systems. Learn about the formulation of Operation Execution Integrity (OEI) and how OAT enables remote attestation for ARM-based bare-metal embedded devices. Discover the innovative control-flow measurement scheme, abstract execution for remote verification, and lightweight integrity checking for critical data. Understand the security implications, including detection of control flow hijacks and data-only attacks on IoT devices. Examine the implementation details, performance tests, and security analysis of OAT, which achieves a 97% space reduction in measurement collection and a 74% reduction in instrumentation compared to previous approaches, while incurring only a 2.7% runtime overhead.

Syllabus

Intro
The unverifiable (blind) trust
Existing solutions -- attestation
Example: vulnerable robotic arm
Our Solution
OEI (Operation Exec. Integrity)
OEI: two sub-properties
Attestation Challenges
OAT (OEI Attestation Framework)
Threat model
Operations
CFI Attestation
Intuitive measurement schemes
A hybrid scheme
Measurement Collection & Verification
Critical variable identification
Existing data integrity checks
Def-Use Value Integrity (DVI)
Implementation notes
Tests on real embedded firmware
Micro Performance Tests
Comparisons
Security Tests & Analysis
Conclusion

Taught by

IEEE Symposium on Security and Privacy

Reviews

Start your review of OAT - Attesting Operation Integrity of Embedded Devices

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.