TY - GEN
T1 - Trusted Execution Environments in Embedded and IoT Systems
T2 - 3rd International Symposium on Secure and Private Execution Environment Design, SEED 2024
AU - Zhao, Ziming
AU - Armanuzzaman, Md
AU - Tan, Xi
AU - Ma, Zheyuan
N1 - Publisher Copyright:
© 2024 IEEE.
PY - 2024
Y1 - 2024
N2 - While the benefits of networked embedded and Internet of Things (IoT) systems are unparalleled, they are susceptible to cyberattacks. In recent years, Trusted Execution Environments (TEE) have been offered in CPUs of embedded and IoT platforms as a foundational primitive for security to keep code and data loaded inside protected, with respect to confidentiality and integrity, from Rich Execution Environments (REEs). The hardware and software layers of existing TEEs nevertheless have been criticized for lack of transparency, full of vulnerabilities, and various restrictions, which means the existing TEEs and TEE-based security solutions are untrustworthy, ineffective, or inefficient. Failure to make TEEs trustworthy and effective will backfire instead of enhancing security because embedded TEEs usually have the highest privilege and a compromised TEE can completely sabotage the REE. In this paper, we present our perspective on the challenges and limitations related to embedded and IoT TEEs. Additionally, we delve into three recently published projects from CactiLab, which aim to tackle challenges presented in embedded and IoT TEEs and TEE-based security solutions at various layers.
AB - While the benefits of networked embedded and Internet of Things (IoT) systems are unparalleled, they are susceptible to cyberattacks. In recent years, Trusted Execution Environments (TEE) have been offered in CPUs of embedded and IoT platforms as a foundational primitive for security to keep code and data loaded inside protected, with respect to confidentiality and integrity, from Rich Execution Environments (REEs). The hardware and software layers of existing TEEs nevertheless have been criticized for lack of transparency, full of vulnerabilities, and various restrictions, which means the existing TEEs and TEE-based security solutions are untrustworthy, ineffective, or inefficient. Failure to make TEEs trustworthy and effective will backfire instead of enhancing security because embedded TEEs usually have the highest privilege and a compromised TEE can completely sabotage the REE. In this paper, we present our perspective on the challenges and limitations related to embedded and IoT TEEs. Additionally, we delve into three recently published projects from CactiLab, which aim to tackle challenges presented in embedded and IoT TEEs and TEE-based security solutions at various layers.
KW - Arm Cortex-M TrustZone
KW - embedded and IoT systems
KW - Trusted execution environment
UR - https://www.scopus.com/pages/publications/85196572041
U2 - 10.1109/SEED61283.2024.00020
DO - 10.1109/SEED61283.2024.00020
M3 - Conference contribution
AN - SCOPUS:85196572041
T3 - Proceedings - 2024 International Symposium on Secure and Private Execution Environment Design, SEED 2024
SP - 96
EP - 106
BT - Proceedings - 2024 International Symposium on Secure and Private Execution Environment Design, SEED 2024
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 16 May 2024 through 17 May 2024
ER -