DOI: 10.1145/3623652.3623667
Research article (open access)

Automated Security Analysis for Real-World IoT Devices

Published: 29 October 2023

Abstract

    Automated security protocol analysis is a fruitful research topic that demonstrates the application of formal methods to security analysis. Several efforts in recent decades have successfully verified security properties of large-scale network protocols such as TLS, sometimes uncovering previously unknown vulnerabilities.
    In this work, we show how to apply these techniques to the domain of IoT, where security is a critical aspect. While most existing security analyses for IoT tackle protocols, firmware or applications individually, our goal is to treat IoT systems as a whole. We focus our work on a case study, the Armadillo-IoT G4 device, highlighting the specific challenges that must be addressed to analyze the security of a typical IoT device. We propose a model, built with the Tamarin prover, that allows us to state certain key security properties of the device and to prove them automatically.

    Published In

    HASP '23: Proceedings of the 12th International Workshop on Hardware and Architectural Support for Security and Privacy
    October 2023
    106 pages
    ISBN:9798400716232
    DOI:10.1145/3623652
    This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike International 4.0 License.

    Publisher

    Association for Computing Machinery

    New York, NY, United States


    Author Tags

    1. Internet of Things
    2. cryptographic protocols
    3. formal verification

    Qualifiers

    • Research-article
    • Research
    • Refereed limited

    Conference

    HASP '23

    Acceptance Rates

    Overall Acceptance Rate 9 of 13 submissions, 69%
