FreeRTOS TCP/IP stack vulnerabilities put a wide range of devices at risk of compromise: From smart homes to critical infrastructure systems, 2018.
Intel Control-flow Enforcement Technology preview, 2017.
Innovative technology for CPU based attestation and sealing, 2013.
ARM. Cortex-M3 devices generic user guide, 2010.
ARM AMBA 5 AHB protocol specification, 2015.
ARM: The architecture for the digital world, 2015.
ARM System Memory Management Unit architecture specification, 2016.
ARMv7-M architecture reference manual, 2006.
Chisel: Constructing hardware in a Scala embedded language, DAC Design Automation Conference, pp.1212-1221, 2012.
How to secure a RISC-V embedded system in just 30 minutes, 2019.
Merkle signature schemes, Merkle trees and their cryptanalysis, 2008.
The price of safety: Evaluating IOMMU performance, 2007.
On the security evaluation of the ARM TrustZone extension in a heterogeneous SoC, 30th IEEE International System-on-Chip Conference (SOCC), pp.108-113, 2017.
TyTAN: Tiny trust anchor for tiny devices, 52nd ACM/EDAC/IEEE Design Automation Conference (DAC), pp.1-6, 2015.
Enhanced Privacy ID from bilinear pairing for hardware authentication and attestation, IEEE Second International Conference on Social Computing, pp.768-775, 2010.
Fault attacks on encrypted general purpose compute platforms, Proceedings of the Seventh ACM Conference on Data and Application Security and Privacy, CODASPY '17, pp.197-204, 2017.
NuSMV 2: An open-source tool for symbolic model checking, CAV, 2002.
ACES: Automatic compartments for embedded systems, USENIX Security Symposium, 2018.
Protecting bare-metal embedded systems with privilege overlays, IEEE Symposium on Security and Privacy (SP), pp.289-303, 2017.
Atmel Trusted Platform Module AT97SC3201, 2005.
Inception: System-wide security testing of real-world embedded systems software, USENIX Security Symposium, 2018.
Intel SGX explained, IACR Cryptology ePrint Archive, Report 2016/086, 2016.
Sanctum: Minimal hardware extensions for strong software isolation, USENIX Security Symposium, 2016.
HAFIX: Hardware-assisted flow integrity extension, 52nd ACM/EDAC/IEEE Design Automation Conference (DAC), pp.1-6, 2015.
A survey of hardware-based control flow integrity (CFI), 2017.
SMART: Secure and minimal architecture for (establishing dynamic) root of trust, NDSS, 2012.
Computer-aided cryptographic proofs, 2009.
Input/output memory management unit with protection mode for preventing memory access by I/O devices, 2014.
Direct memory access (DMA) address translation in an input/output memory management unit (IOMMU), US7809923B2, 2010.
Flexible hardware-managed isolated execution: Architecture, software support and applications, IEEE Transactions on Dependable and Secure Computing, vol.15, pp.437-451, 2018.
Iso-X: A flexible architecture for hardware-managed isolated execution, 47th Annual IEEE/ACM International Symposium on Microarchitecture, pp.190-202, 2014.
A minimalist approach to remote attestation, Design, Automation & Test in Europe Conference & Exhibition (DATE), pp.1-6, 2014.
Soteria: Offline software protection within low-cost embedded devices, ACSAC, 2015.
Intel® Trusted Execution Technology: Hardware-based technology for enhancing server platform security, 2013.
AMBA-AHB security, 2018.
Extensible and configurable RISC-V based virtual prototype, pp.5-16, 2018.
Using innovative instructions to create trustworthy software solutions, HASP@ISCA, 2013.
The seven properties of highly secure devices, 2017.
Thirty years later: Lessons from the Multics security evaluation, ACSAC, 2002.
Fusée Gelée exploit, 2018.
Formal verification in hardware design: A survey, ACM Trans. Des. Autom. Electron. Syst., vol.4, issue.2, p.133, 1999.
Securing real-time microcontroller systems through customized memory view switching, NDSS, 2018.
TrustLite: A security architecture for tiny embedded devices, EuroSys, 2014.
Harbor: Software-based memory protection for sensor nodes, 6th International Symposium on Information Processing in Sensor Networks, pp.340-349, 2007.
Code-pointer integrity, 11th USENIX Symposium on Operating Systems Design and Implementation (OSDI 14), pp.147-163, 2014.
SoK: Automated software diversity, IEEE Symposium on Security and Privacy, pp.276-291, 2014.
Multiprogramming a 64kB computer safely and efficiently, SOSP, 2017.
The case for writing a kernel in Rust, APSys, 2017.
Meltdown: Reading kernel memory from user space, USENIX Security Symposium, 2018.
Add support for embedded position-independent code (ROPI/RWPI).
Hardware-based trusted computing architectures for isolation and attestation, IEEE Transactions on Computers, vol.67, pp.361-374, 2018.
Thunderclap: Exploring vulnerabilities in operating system IOMMU protection via DMA from untrustworthy peripherals, 2019.
TrustVisor: Efficient TCB reduction and attestation, IEEE Symposium on Security and Privacy, pp.143-158, 2010.
Flicker: An execution infrastructure for TCB minimization, EuroSys, 2008.
Innovative instructions and software model for isolated execution, Proceedings of the 2nd International Workshop on Hardware and Architectural Support for Security and Privacy, HASP '13, vol.10, pp.1-10, 2013.
Symbolic model checking, 1993.
A digital signature based on a conventional encryption function, CRYPTO, 1987.
MPIOV: Scaling hardware-based I/O virtualization for mixed-criticality embedded real-time systems using non-transparent bridges to (multi-core) multi-processor systems, Design, Automation and Test in Europe Conference and Exhibition (DATE), pp.579-584, 2015.
IOMPU: Spatial separation for hardware-based I/O virtualization for mixed-criticality embedded real-time systems using non-transparent bridges, IEEE 7th International Symposium on Cyberspace Safety and Security, and 2015 IEEE 12th International Conference on Embedded Software and Systems, pp.1037-1044, 2015.
A Rust-based runtime for the Internet of Things, 2017.
Sancus: Low-cost trustworthy extensible networked devices with a zero-software trusted computing base, USENIX Security Symposium, 2013.
VRASED: A verified hardware/software co-design for remote attestation, 28th USENIX Security Symposium (USENIX Security 19), pp.1429-1446, 2019.
Embedded systems security: Threats, vulnerabilities, and attack taxonomy, 13th Annual Conference on Privacy, Security and Trust (PST), pp.145-152, 2015.
Execution-aware memory protection, 2013.
Demystifying ARM TrustZone: A comprehensive survey, ACM Comput. Surv., vol.51, 2019.
fTPM: A firmware-based TPM 2.0 implementation, 2015.
I/O attacks in Intel PC-based architectures and countermeasures, First SysSec Workshop, pp.19-26, 2011.
SHCoT: Secure (and verified) hybrid chain of trust to protect from malicious software in lightweight devices, The 1st Annual International Workshop on Software Hardware Interaction Faults, 2019. URL: https://hal.archives-ouvertes.fr/hal-02335773
An in-depth study of MPU-based isolation techniques, Journal of Hardware and Systems Security, 2019. URL: https://hal.archives-ouvertes.fr/hal-02335716
Hardware-based isolation and attestation architecture for a RISC-V core, SiFive's Technical Symposium, 2019. URL: https://hal.archives-ouvertes.fr/hal-02335812
Poster: Hardware-based isolation and attestation architecture for a RISC-V core, CySep and EuroS&P, 2019.
Poster: Hardware-based isolation and attestation architecture for a RISC-V core, 15th European Dependable Computing Conference (EDCC), 2019.
Toubkal: A flexible and efficient hardware isolation module for secure lightweight devices, 15th European Dependable Computing Conference (EDCC), 2019. URL: https://hal.archives-ouvertes.fr/hal-02342738
Pioneer: Verifying code integrity and enforcing untampered code execution on legacy systems, SOSP, 2005.
SWATT: Software-based attestation for embedded devices, IEEE Symposium on Security and Privacy, pp.272-282, 2004.
A study of security isolation techniques, ACM Comput. Surv., vol.49, issue.3, p.37, 2016.
SiFive E31 Core Complex manual, 2017.
Diplomatic design patterns: A TileLink case study, 2017.
The RISC-V instruction set manual, 2017.
SiFive TileLink specification, 2017.
Intel® SGX: Intel® EPID provisioning and attestation services, 2016.
On control flow hijacks of unsafe Rust, 2017.
The Internet worm incident, ESEC, 1989.
The Internet worm program: An analysis, ACM SIGCOMM Computer Communication Review, 1989.
Design of a tailor-made memory protection unit for low power microcontrollers, 8th IEEE International Symposium on Industrial Embedded Systems (SIES), pp.225-231, 2013.
Understanding DMA malware, DIMVA, 2012.
Fides: Selectively hardening software application components against kernel-level or process-level malware, ACM Conference on Computer and Communications Security, 2012.
Efficient isolation of trusted subsystems in embedded systems, Security and Privacy in Communication Networks, pp.344-361, 2010.
Strategy without tactics: Policy-agnostic hardware-enhanced control-flow integrity, 53rd ACM/EDAC/IEEE Design Automation Conference (DAC), pp.1-6, 2016.
SoK: Eternal war in memory, IEEE Symposium on Security and Privacy, pp.48-62, 2013.
ARM Security Technology: Building a secure system using TrustZone technology, 2009.
Memory protection unit (MPU), 2016.
Mondriaan memory protection, 2004.
Mondrix: Memory isolation for Linux using Mondriaan memory protection, SOSP, 2005.
HACL*: A verified modern cryptographic library, ACM Conference on Computer and Communications Security, 2017.