|ISC-FLAT: On the Conflict Between Control Flow Attestation and Real-Time Operations
The wide adoption of IoT gadgets and CyberPhysical Systems (CPS) makes embedded devices increasingly important. While some of these devices perform mission-critical tasks, they are usually implemented using Micro-Controller Units (MCUs) that lack security mechanisms on par with those available to general-purpose computers, making them more susceptible to remote exploits that could corrupt their software integrity. Motivated by this problem, prior work has proposed techniques to remotely assess the trustworthiness of embedded MCU software. Among them, Control Flow Attestation (CFA) enables remote detection of runtime abuses that illegally modify the program’s control ﬂow during execution (e.g., control ﬂow hijacking and code reuse attacks).
|Year of Publication
San Antonio, TX, USA
|Google Scholar | BibTeX | DOI