• shareshare
  • link
  • cite
  • add
auto_awesome_motion View all 5 versions
Publication . Contribution for newspaper or weekly magazine . Conference object . 2019

Secure Edge Computing with Lightweight Control-Flow Property-based Attestation

Nikos Koutroumpouchos; Christoforos Ntantogian; Sofia Anna Menesidou; Kaitai Liang; Panagiotis Gouvas; Christos Xenakis; Thanassis Giannetsos;
Open Access
Published: 01 Jan 2019
Publisher: IEEE
Country: Denmark

The Internet of Things (IoT) is rapidly evolving, while introducing several new challenges regarding security, resilience and operational assurance. In the face of an increasing attack landscape, it is necessary to cater for the provision of efficient mechanisms to collectively verify software- and device-integrity in order to detect run-time modifications. Towards this direction, remote attestation has been proposed as a promising defense mechanism. It allows a third party, the verifier, to ensure the integrity of a remote device, the prover. However, this family of solutions do not capture the real-time requirements of industrial IoT applications and suffer from scalability and efficiency issues. In this paper, we present a lightweight dynamic control-flow property-based attestation architecture (CFPA) that can be applied on both resource-constrained edge and cloud devices and services. It is a first step towards a new line of security mechanisms that enables the provision of control-flow attestation of only those specific, critical software components that are comparatively small, simple and limited in function, thus, allowing for a much more efficient verification. Our goal is to enhance run-time software integrity and trustworthiness with a scalable and decentralized solution eliminating the need for federated infrastructure trust. Based on our findings, we posit open issues and challenges, and discuss possible ways to address them, so that security do not hinder the deployment of intelligent edge computing systems.

Subjects by Vocabulary

Microsoft Academic Graph classification: Computer science Enhanced Data Rates for GSM Evolution Software deployment Resilience (network) Computer security computer.software_genre computer Edge computing Component-based software engineering Software business.industry business Cloud computing Scalability


Control-Flow Property-based Attestation, Software-based Attacks, Trusted Component, Control-flow Property-based Attestation, Software-based Attacks, Trusted Components

Funded by
EC| FutureTPM
Future Proofing the Connected World: A Quantum-Resistant Trusted Platform Module
  • Funder: European Commission (EC)
  • Project Code: 779391
  • Funding stream: H2020 | RIA
Validated by funder
Download fromView all 4 sources
Online Research Database In Technology
Contribution for newspaper or weekly magazine . 2019