Performance of Secure Boot in Embedded Systems
Paper in proceedings, 2019

With the proliferation of the Internet of Things (IoT), the need to prioritize the overall system security is more imperative than ever.
The IoT will profoundly change the established usage patterns of embedded systems, where devices traditionally operate in relative isolation.
Internet connectivity brought by the IoT exposes such previously isolated internal device structures to cyber-attacks through the Internet, which opens new attack vectors and vulnerabilities.
For example, a malicious user can modify the firmware or operating system by using a remote connection, aiming to deactivate standard defenses against malware.
The criticality of applications, for example, in the Industrial IoT (IIoT) further underlines the need to ensure the integrity of the embedded software.

One common approach to ensure system integrity is to verify the operating system and application software during the boot process. However, safety-critical IoT devices have constrained boot-up times, and home IoT devices should become available quickly after being turned on. Therefore, the boot-time can affect the usability of a device.
This paper analyses performance trade-offs of secure boot for medium-scale embedded systems, such as Beaglebone and Raspberry Pi. We evaluate two secure boot techniques, one is only software-based, and the second is supported by a hardware-based cryptographic storage unit.
For the software-based method, we show that secure boot merely increases the overall boot time by 4 %.
Moreover, the additional cryptographic hardware storage increases the boot-up time by 36 %.

Embedded Systems

Secure Boot

Internet of Things

System Security

Author

Christos Profentzas

Chalmers, Computer Science and Engineering (Chalmers), Networks and Systems (Chalmers)

Mirac Günes

Ericsson AB

Ioannis Nikolakopoulos

Chalmers, Computer Science and Engineering (Chalmers), Networks and Systems (Chalmers)

Olaf Landsiedel

Chalmers, Computer Science and Engineering (Chalmers), Networks and Systems (Chalmers)

Magnus Almgren

Chalmers, Computer Science and Engineering (Chalmers), Networks and Systems (Chalmers)

Proceedings of the 15th IEEE International Conference on Distributed Computing in Sensor Systems (DCOSS)

2325-2944 (ISSN)

198-204

1st International Workshop on Security and Reliability of IoT Systems (SecRIoT)
Santorini Island, Greece,

KIDSAM: Knowledge and information-sharing in digital collaborative projects

VINNOVA, 2018-11-01 -- 2021-11-30.

VINNOVA, 2018-11-01 -- 2021-11-30.

AgreeOnIT: Lightweight Consensus and Distributed Computing in the Resource-Constrained Internet of Things

Swedish Research Council (VR), 2019-01-01 -- 2022-12-31.

RIOT: Resilient Internet of Things

Swedish Civil Contingencies Agency, 2019-01-01 -- 2023-12-31.

Areas of Advance

Information and Communication Technology

Transport

Subject Categories

Information Science

Control Engineering

Other Electrical Engineering, Electronic Engineering, Information Engineering

DOI

10.1109/DCOSS.2019.00054

More information

Latest update

10/17/2019