Building Trust for Smart Connected Devices: The Challenges and Pitfalls of TrustZone
TrustZone-based Trusted Execution Environments (TEEs) have been utilized extensively for the implementation of security-oriented solutions for several smart intra and inter-connected devices. Although TEEs have been promoted as the starting point for establishing a device root of trust, a number of...
Main Authors: | , , |
---|---|
Format: | Article |
Language: | English |
Published: |
MDPI AG
2021-01-01
|
Series: | Sensors |
Subjects: | |
Online Access: | https://www.mdpi.com/1424-8220/21/2/520 |
id |
doaj-f519c6b9806942c28224acc43a71895e |
---|---|
record_format |
Article |
spelling |
doaj-f519c6b9806942c28224acc43a71895e2021-01-14T00:02:05ZengMDPI AGSensors1424-82202021-01-012152052010.3390/s21020520Building Trust for Smart Connected Devices: The Challenges and Pitfalls of TrustZoneNikolaos Koutroumpouchos0Christoforos Ntantogian1Christos Xenakis2Department of Digital Systems, University of Piraeus, 18534 Piraeus, GreeceDepartment of Informatics, Ionian University, 49100 Corfu, GreeceDepartment of Digital Systems, University of Piraeus, 18534 Piraeus, GreeceTrustZone-based Trusted Execution Environments (TEEs) have been utilized extensively for the implementation of security-oriented solutions for several smart intra and inter-connected devices. Although TEEs have been promoted as the starting point for establishing a device root of trust, a number of published attacks against the most broadly utilized TEE implementations request a second view on their security. The aim of this research is to provide an analytical and educational exploration of TrustZone-based TEE vulnerabilities with the goal of pinpointing design and implementation flaws. To this end, we provide a taxonomy of TrustZone attacks, analyze them, and more importantly derive a set of critical observations regarding their nature. We perform a critical appraisal of the vulnerabilities to shed light on their underlying causes and we deduce that their manifestation is the joint effect of several parameters that lead to this situation. The most important ones are the closed implementations, the lack of security mechanisms, the shared resource architecture, and the absence of tools to audit trusted applications. Finally, given the severity of the identified issues, we propose possible improvements that could be adopted by TEE implementers to remedy and improve the security posture of TrustZone and future research directions.https://www.mdpi.com/1424-8220/21/2/520TrustZoneTrusted Execution Environmentsvulnerabilitiesexploitationside channel attacksIoT |
collection |
DOAJ |
language |
English |
format |
Article |
sources |
DOAJ |
author |
Nikolaos Koutroumpouchos Christoforos Ntantogian Christos Xenakis |
spellingShingle |
Nikolaos Koutroumpouchos Christoforos Ntantogian Christos Xenakis Building Trust for Smart Connected Devices: The Challenges and Pitfalls of TrustZone Sensors TrustZone Trusted Execution Environments vulnerabilities exploitation side channel attacks IoT |
author_facet |
Nikolaos Koutroumpouchos Christoforos Ntantogian Christos Xenakis |
author_sort |
Nikolaos Koutroumpouchos |
title |
Building Trust for Smart Connected Devices: The Challenges and Pitfalls of TrustZone |
title_short |
Building Trust for Smart Connected Devices: The Challenges and Pitfalls of TrustZone |
title_full |
Building Trust for Smart Connected Devices: The Challenges and Pitfalls of TrustZone |
title_fullStr |
Building Trust for Smart Connected Devices: The Challenges and Pitfalls of TrustZone |
title_full_unstemmed |
Building Trust for Smart Connected Devices: The Challenges and Pitfalls of TrustZone |
title_sort |
building trust for smart connected devices: the challenges and pitfalls of trustzone |
publisher |
MDPI AG |
series |
Sensors |
issn |
1424-8220 |
publishDate |
2021-01-01 |
description |
TrustZone-based Trusted Execution Environments (TEEs) have been utilized extensively for the implementation of security-oriented solutions for several smart intra and inter-connected devices. Although TEEs have been promoted as the starting point for establishing a device root of trust, a number of published attacks against the most broadly utilized TEE implementations request a second view on their security. The aim of this research is to provide an analytical and educational exploration of TrustZone-based TEE vulnerabilities with the goal of pinpointing design and implementation flaws. To this end, we provide a taxonomy of TrustZone attacks, analyze them, and more importantly derive a set of critical observations regarding their nature. We perform a critical appraisal of the vulnerabilities to shed light on their underlying causes and we deduce that their manifestation is the joint effect of several parameters that lead to this situation. The most important ones are the closed implementations, the lack of security mechanisms, the shared resource architecture, and the absence of tools to audit trusted applications. Finally, given the severity of the identified issues, we propose possible improvements that could be adopted by TEE implementers to remedy and improve the security posture of TrustZone and future research directions. |
topic |
TrustZone Trusted Execution Environments vulnerabilities exploitation side channel attacks IoT |
url |
https://www.mdpi.com/1424-8220/21/2/520 |
work_keys_str_mv |
AT nikolaoskoutroumpouchos buildingtrustforsmartconnecteddevicesthechallengesandpitfallsoftrustzone AT christoforosntantogian buildingtrustforsmartconnecteddevicesthechallengesandpitfallsoftrustzone AT christosxenakis buildingtrustforsmartconnecteddevicesthechallengesandpitfallsoftrustzone |
_version_ |
1724338755560538112 |