DOI: 10.1145/3338507.3358615
research-article

Protecting Actuators in Safety-Critical IoT Systems from Control Spoofing Attacks

Published: 15 November 2019
  • Abstract

    In this paper, we propose a framework called Contego-TEE to secure Internet-of-Things (IoT) edge devices with timing requirements from control spoofing attacks, where an adversary sends malicious control signals to the actuators. We use a trusted computing base available in commodity processors (such as ARM TrustZone) and propose an invariant checking mechanism to ensure the security and safety of the physical system. A working prototype of Contego-TEE was developed using an embedded Linux kernel. We demonstrate the feasibility of our approach for a robotic vehicle running on an ARM-based platform.



        Published In

        IoT S&P'19: Proceedings of the 2nd International ACM Workshop on Security and Privacy for the Internet-of-Things
        November 2019
        65 pages
        ISBN:9781450368384
        DOI:10.1145/3338507
        • Program Chairs:
        • Peng Liu,
        • Yuqing Zhang

        Publisher

        Association for Computing Machinery

        New York, NY, United States

        Author Tags

        1. arm trustzone
        2. control systems
        3. real-time systems
        4. security

        Qualifiers

        • Research-article

        Funding Sources

        • US National Science Foundation (NSF)
        • US Department of Energy (DoE)

        Conference

        CCS '19
        Cited By

        • (2024) CyFence: Securing Cyber-Physical Controllers via Trusted Execution Environment. IEEE Transactions on Emerging Topics in Computing 12:2 (521-531). DOI: 10.1109/TETC.2023.3268412. Online publication date: Apr-2024
        • (2023) Techniques for Enhancing Security in Industrial Control Systems. ACM Transactions on Cyber-Physical Systems 8:1 (1-36). DOI: 10.1145/3630103. Online publication date: 30-Oct-2023
        • (2023) A Runtime Security Monitoring Architecture for Embedded Hypervisors. 2023 IEEE 36th International System-on-Chip Conference (SOCC) (1-6). DOI: 10.1109/SOCC58585.2023.10256735. Online publication date: 5-Sep-2023
        • (2023) You Can’t Always Check What You Wanted: Selective Checking and Trusted Execution to Prevent False Actuations in Real-Time Internet-of-Things. 2023 IEEE 26th International Symposium on Real-Time Distributed Computing (ISORC) (42-53). DOI: 10.1109/ISORC58943.2023.00017. Online publication date: May-2023
        • (2022) Intrusion Detection in Internet of Things Systems: A Review on Design Approaches Leveraging Multi-Access Edge Computing, Machine Learning, and Datasets. Sensors 22:10 (3744). DOI: 10.3390/s22103744. Online publication date: 14-May-2022
        • (2022) SchedGuard++: Protecting against Schedule Leaks Using Linux Containers on Multi-Core Processors. ACM Transactions on Cyber-Physical Systems 7:1 (1-25). DOI: 10.1145/3565974. Online publication date: 25-Oct-2022
        • (2022) Threat Modeling and Risk Analysis for Miniaturized Wireless Biomedical Devices. IEEE Internet of Things Journal 9:15 (13338-13352). DOI: 10.1109/JIOT.2022.3144130. Online publication date: 1-Aug-2022
        • (2021) A Survey on Recent Advanced Research of CPS Security. Applied Sciences 11:9 (3751). DOI: 10.3390/app11093751. Online publication date: 21-Apr-2021
        • (2021) Safeguarding the IoT From Malware Epidemics: A Percolation Theory Approach. IEEE Internet of Things Journal 8:7 (6039-6052). DOI: 10.1109/JIOT.2020.3034111. Online publication date: 1-Apr-2021
        • (2020) A Privacy-Preserving Data Collection and Processing Framework for Third-Party UAV Services. 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom) (683-690). DOI: 10.1109/TrustCom50675.2020.00095. Online publication date: Dec-2020
