Article
Computer Science, Hardware & Architecture
Sandro Pinto, Pedro Machado, Daniel Oliveira, David Cerdeira, Tiago Gomes
Summary: Arm TrustZone is a hardware technology that adds significant value to security. This work introduced the concept of self-secured devices, extending the TrustZone dual-world model to the device itself, providing a secure solution for sharing devices. The results showed that this solution requires minimal additional hardware resources compared to native device implementation.
JOURNAL OF SYSTEMS ARCHITECTURE
(2021)
Article
Computer Science, Hardware & Architecture
Anum Khurshid, Sileshi Demesie Yalew, Mudassar Aslam, Shahid Raza
Summary: Securing IoT devices is important as the security risks increase rapidly. TrustZone-M provides stronger security within an IoT device, but lacks secure cross-world communication. We propose ShieLD, a framework that enables a secure communication channel between TrustZone-M worlds without cryptographic operations, using the Memory Protection Unit (MPU). Our evaluation shows that ShieLD can achieve 5 times faster cross-zone communication compared to traditional crypto-based communication.
IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING
(2023)
Article
Computer Science, Information Systems
Zhichao Hua, Yang Yu, Jinyu Gu, Yubin Xia, Haibo Chen, Binyu Zang
Summary: Containers are widely used on cloud platforms due to their low resource usage, quick startup time, and high performance compared to virtual machines. However, the weakness of container technology lies in its weak isolation. This paper introduces the TZ-Container, a TrustZone-based secure container mechanism that can protect against various attacks and maintain security properties while only incurring a minimal performance overhead of approximately 5%.
SCIENCE CHINA-INFORMATION SCIENCES
(2021)
Article
Green & Sustainable Science & Technology
Qi-Xian Huang, Min-Yi Chiu, Chi-Shen Yeh, Hung-Min Sun
Summary: With the increasing popularity of edge computing, the security challenges it brings have received unprecedented attention. Research now focuses on securing not only devices like PCs, smartphones, tablets, and IoTs, but also the automotive industry. However, as attack vectors become more sophisticated, protecting only the system software layer is no longer sufficient. Challenges in IoT devices, such as power consumption and authentication management, still need to be addressed. This paper proposes a mechanism called STBEAT, which integrates an open-source project with ARM TrustZone, to solve the challenges of upgrading IoT systems and updating system files more securely.
Article
Computer Science, Information Systems
Sanghoon Jeon, Huy Kang Kim
Summary: A client-side game protection mechanism TZMon, based on ARM TrustZone, is proposed to protect the confidentiality and integrity of mobile games. Experimental results show that TZMon effectively prevents cheating in mobile games without noticeable performance degradation.
COMPUTERS & SECURITY
(2021)
Article
Computer Science, Interdisciplinary Applications
Sandeep Gupta
Summary: Secure and efficient communication is crucial in establishing a seamless connection between the five levels of an automation pyramid for Industry 4.0. Vertical and horizontal integration is essential for improving productivity and operational activities. This paper proposes an edge-computing-based Industrial Gateway that facilitates vertical and horizontal integration in Industry 4.0. A working prototype is designed and developed to demonstrate remote production-line maintenance with a focus on security and edge computing.
JOURNAL OF INDUSTRIAL INFORMATION INTEGRATION
(2023)
Article
Computer Science, Information Systems
Gisu Yeo, Yeryeong Kim, Suhyeon Song, Donghyun Kwon
Summary: Embedded systems are facing increasing security concerns, but existing CFI methods are not widely applicable. This paper proposes a new scheme called CEST, which utilizes ARM TrustZone-M to ensure CFI in embedded systems.
Article
Computer Science, Information Systems
Junyoung Jung, Beomseok Kim, Jinsung Cho, Ben Lee
Summary: This article analyzes vulnerabilities in low-end IoT devices and proposes a secure platform model based on the analysis results to meet the security requirements and services. The proposed model is designed to be flexible and applicable to various types of PSA-based IoT devices, providing secure platform services APIs for easy and fast development of IoT services.
IEEE INTERNET OF THINGS JOURNAL
(2022)
Article
Computer Science, Hardware & Architecture
Zhen Ling, Huaiyu Yan, Xinhui Shao, Junzhou Luo, Yiling Xu, Bryan Pearson, Xinwen Fu
Summary: This paper introduces a method for enforcing system integrity in IoT systems based on ARM TrustZone, including load-time integrity and runtime integrity assurance. It proposes a hybrid booting approach and process integrity measurement method to ensure system integrity, and implements an IoT prototype system with a trusted root.
JOURNAL OF SYSTEMS ARCHITECTURE
(2021)
Article
Computer Science, Information Systems
Mohammad Fakhruddin Babar, Monowar Hasan
Summary: This paper provides a comprehensive survey of the literature on trusted neural networks, specifically addressing the efficient execution of neural models inside trusted enclaves. The authors review different trusted execution environment architectures and techniques, classify existing work, and discuss challenges and open issues.
Article
Chemistry, Analytical
Xinyao Li, Akhilesh Tyagi
Summary: The TrustZone technology provides a hardware-isolated trusted execution environment for sensitive data and code in processors used in the IoT world. This paper demonstrates a vulnerability in the secure world through a covert channel using performance counters and PMU events. By using microarchitecture level events captured through PMU for covert channel encoding, a potential 100x higher bandwidth can be achieved. The proposed covert channel significantly improves the throughput compared to previous work.
Article
Computer Science, Information Systems
Dongwook Shim, Dong Hoon Lee
Summary: In this paper, a lightweight and secure shared memory scheme called Software One-Time Programmable Memory (SOTPM) is proposed to prevent man-in-the-middle attacks and key leakage risk by encrypting sensitive data in the application layer instead of the shared memory layer. Compared to existing methods, SOTPM significantly reduces system performance overhead, making it a reasonable solution for current commercial products.
Article
Computer Science, Information Systems
Yohannes B. Bekele, Daniel B. Limbrick, John C. Kelly
Summary: Fault Injection (FI) is a method used to evaluate the reliability and resilience of a system by assessing its ability to detect and mitigate faults. This paper presents a survey of FI techniques based on the QEMU emulator, categorizing and comparing them to help researchers understand their capabilities and limitations.
Proceedings Paper
Automation & Control Systems
Martin Schoenstedt, Ferdinand Brasser, Patrick Jauernig, Emmanuel Stapf, Ahmed-Reza Sadeghi
Summary: Embedded devices are widely used in various applications, but the large number of devices leads to high costs. To reduce these costs, there is a need to consolidate applications and improve safety and security. Existing solutions do not meet the requirements, so this paper presents SafeTEE, a novel approach to enable security- and safety-critical applications on a single embedded device.
PROCEEDINGS OF THE 2022 DESIGN, AUTOMATION & TEST IN EUROPE CONFERENCE & EXHIBITION (DATE 2022)
(2022)
Article
Computer Science, Information Systems
Shahidullah Kaiser, Md Sadun Haq, Ali Saman Tosun, Turgay Korkmaz
Summary: Container technology is gaining popularity as an alternative to traditional virtual machines because it provides a faster, lighter, and more portable runtime environment. The ARM architecture is becoming prevalent in container technologies due to its energy efficiency and high performance.
Article
Engineering, Electrical & Electronic
Ivo Marques, Cristiano Rodrigues, Adriano Tavares, Sandro Pinto, Tiago Gomes
Summary: Lock-V is a heterogeneous fault tolerance architecture that explores a dual-core lockstep technique to mitigate single event upset and common-mode failure problems. By applying design diversity, Lock-V was deployed in two versions – Lock-VA and Lock-VM, utilizing FPGA technology to deploy softcore versions of the RISC-V processors.
MICROELECTRONICS RELIABILITY
(2021)
Article
Engineering, Electrical & Electronic
Ricardo Roriz, Andre Campos, Sandro Pinto, Tiago Gomes
Summary: The development of fully autonomous vehicles has led to a growing interest in reliable perception features, with LiDAR sensors playing a key role. However, these sensors can be sensitive to adverse weather conditions, affecting the vehicle's perception system behavior. This article proposes a weather denoising method called DIOR, which combines two state-of-the-art algorithms and utilizes FPGA technology to outperform existing solutions, improving accuracy and performance while meeting real-time requirements.
IEEE SENSORS JOURNAL
(2022)
Article
Computer Science, Information Systems
Daniel Oliveira, Tiago Gomes, Sandro Pinto
Summary: Security is a major challenge in IoT devices due to the lack of basic hardware security mechanisms. Arm has introduced TrustZone-M technology to provide robust protection for IoT devices. However, the lessons from past research efforts seem to be overlooked in new TrustZone-M based solutions. This paper presents uTango, the first multi-world TEE designed for modern IoT devices, addressing the architectural deficiencies of TrustZone(-M)-assisted TEEs.
Article
Chemistry, Multidisciplinary
Diogo Costa, Miguel Costa, Sandro Pinto
Summary: The end of Moore's Law and concerns about data privacy are driving machine learning to shift from the cloud to the deep edge, a paradigm known as federated learning (FL). This article explores the feasibility of training artificial neural networks (ANNs) on Arm Cortex-M microcontroller units (MCUs). The authors propose L-SGD, a lightweight implementation of stochastic gradient descent (SGD) optimized for speed and minimal memory usage. Experimental results show a significant performance improvement with L-SGD compared to traditional SGD, making it suitable for specific application scenarios.
APPLIED SCIENCES-BASEL
(2022)
Article
Computer Science, Information Systems
Ivo Marques, Joao Sousa, Bruno Sa, Diogo Costa, Pedro Sousa, Samuel Pereira, Afonso Santos, Carlos Lima, Niklas Hammerschmidt, Sandro Pinto, Tiago Gomes
Summary: With the ongoing technological transformation in the automotive industry, autonomous vehicles are approaching full vehicle automation. The concept of Shared Autonomous Vehicles (SAV) is becoming a reality, allowing unrelated passengers to share a driverless vehicle. To ensure passenger safety and well-being, a microphone-based sensor system is used to localize sound events inside the vehicle.
Article
Computer Science, Artificial Intelligence
Miguel Costa, Diogo Costa, Tiago Gomes, Sandro Pinto
Summary: Capsule networks (CapsNets) have emerged as a new trend in image processing, offering advantages over convolutional neural networks in terms of object deformation. However, their complexity makes it challenging to deploy them on resource-constrained devices. To address this, researchers have developed an API for executing quantized CapsNets on Arm Cortex-M and RISC-V MCUs, reducing memory footprint and proposing a framework for post-training quantization.
ACM TRANSACTIONS ON INTELLIGENT SYSTEMS AND TECHNOLOGY
(2022)
Article
Engineering, Electrical & Electronic
Luis Cunha, Ricardo Roriz, Sandro Pinto, Tiago Gomes
Summary: The automotive industry is undergoing a significant transformation towards fully autonomous vehicles. This article proposes ALFA-Pi, a system that uses FPGA technology to interface different LiDAR sensors and provide custom data outputs to high-level perception systems. By accelerating the LiDAR interface, the proposed system achieves lower latency and higher performance ratios compared to current software-only approaches.
IEEE TRANSACTIONS ON VEHICULAR TECHNOLOGY
(2023)
Article
Engineering, Electrical & Electronic
Tiago Gomes, Pedro Sousa, Miguel Silva, Mongkol Ekpanyapong, Sandro Pinto
Summary: In the IoT era, embedded FPGA technology combined with open RISC-V architecture provides flexible and reconfigurable embedded IoT solutions. This article presents the FAC-V coprocessor, which achieves significant performance improvements by implementing the Advanced Encryption Standard in hardware.
JOURNAL OF LOW POWER ELECTRONICS AND APPLICATIONS
(2022)
Proceedings Paper
Computer Science, Hardware & Architecture
Miguel Silva, Tiago Gomes, Sandro Pinto
Summary: This paper presents CHAMELIoT, a framework for FPGA-based IoT platforms that provides agnostic hardware acceleration to OS services by leveraging RISC-V technology. The framework supports multiple IoT operating systems and demonstrates significant performance improvement in the evaluation.
2022 IEEE 28TH INTERNATIONAL CONFERENCE ON EMBEDDED AND REAL-TIME COMPUTING SYSTEMS AND APPLICATIONS (RTCSA 2022)
(2022)
Proceedings Paper
Computer Science, Information Systems
David Cerdeira, Jose Martins, Nuno Santos, Sandro Pinto
Summary: This paper presents a technique called REZONE, which restricts the privileges of the trusted OS by leveraging hardware primitives and partitions the TEE into multiple isolated zones. The authors have implemented and evaluated REZONE, demonstrating its effectiveness in mitigating a large percentage of known vulnerabilities.
PROCEEDINGS OF THE 31ST USENIX SECURITY SYMPOSIUM
(2022)
Article
Computer Science, Hardware & Architecture
Bruno Sa, Jose Martins, Sandro Pinto
Summary: This article presents the implementation and evaluation of the latest version of the RISC-V hypervisor extension specification in a Rocket chip core. The testing was done in the FireSim simulator and on the Zynq UltraScale+ MPSoC ZCU104. The findings indicate successful deployment and testing of the system, with enhanced interrupt injection and timer infrastructure.
IEEE TRANSACTIONS ON COMPUTERS
(2022)
Proceedings Paper
Computer Science, Information Systems
Igor Zavalyshyn, Nuno Santos, Ramin Sadre, Axel Legay
Summary: PatrIoT is a private-by-design IoT platform for smart home environments, where homeowners have full ownership and control of generated data. It leverages Intel SGX technology and provides an intuitive security abstraction named flowwall for users to control sensitive sensor data flows.
PROCEEDINGS OF THE 17TH EAI INTERNATIONAL CONFERENCE ON MOBILE AND UBIQUITOUS SYSTEMS: COMPUTING, NETWORKING AND SERVICES (MOBIQUITOUS 2020)
(2021)
Proceedings Paper
Computer Science, Hardware & Architecture
Eduardo Gomes, Igor Zavalyshyn, Nuno Santos, Joao Silva, Axel Legay
2020 IEEE 19TH INTERNATIONAL CONFERENCE ON TRUST, SECURITY AND PRIVACY IN COMPUTING AND COMMUNICATIONS (TRUSTCOM 2020)
(2020)
Proceedings Paper
Computer Science, Artificial Intelligence
Joao Santos, Nuno Santos, David Dias
PROCEEDINGS OF THE 35TH ANNUAL ACM SYMPOSIUM ON APPLIED COMPUTING (SAC'20)
(2020)