CARE: Lightweight Attack Resilient Secure Boot Architecturewith Onboard Recovery for RISC-V based SOC

by   Avani Dave, et al.

Recent technological advancements have proliferated the use of small embedded devices for collecting, processing, and transferring the security-critical information. The Internet of Things (IoT) has enabled remote access and control of these network-connected devices. Consequently, an attacker can exploit security vulnerabilities and compromise these devices. In this context, the secure boot becomes a useful security mechanism to verify the integrity and authenticity of the software state of the devices. However, the current secure boot schemes focus on detecting the presence of potential malware on the device but not on disinfecting and restoring the soft-ware to a benign state. This manuscript presents CARE- the first secure boot framework that provides detection, resilience, and onboard recovery mechanism for the com-promised devices. The framework uses a prototype hybrid CARE: Code Authentication and Resilience Engine to verify the software state and restore it to a benign state. It uses Physical Memory Protection (PMP) and other security enchaining techniques of RISC-V processor to pro-vide resilience from modern attacks. The state-of-the-art comparison and performance analysis results indicate that the proposed secure boot framework provides a promising resilience and recovery mechanism with very little 8


page 1

page 2

page 3

page 4


SRACARE: Secure Remote Attestation with Code Authentication and Resilience Engine

Recent technological advancements have enabled proliferated use of small...

RARES: Runtime Attack Resilient Embedded System Design Using Verified Proof-of-Execution

Modern society is getting accustomed to the Internet of Things (IoT) and...

Introducing Network Coding to RPL: The Chained Secure Mode (CSM)

As the de facto routing protocol for many Internet of Things (IoT) netwo...

A Secure and Robust Scheme for Sharing Confidential Information in IoT Systems

In Internet of Things (IoT) systems with security demands, there is ofte...

Unlimited Lives: Secure In-Process Rollback with Isolated Domains

The use of unsafe programming languages still remains one of the major r...

Authenticated time for detecting GNSS attacks

Information cross-validation can be a powerful tool to detect manipulate...

A Modular End-to-End Framework for Secure Firmware Updates on Embedded Systems

Firmware refers to device read-only resident code which includes microco...

Please sign up or login with your details

Forgot password? Click here to reset