SWATT: software-based attestation for embedded devices

Top Cited Papers

proceedings article
Published by Institute of Electrical and Electronics Engineers (IEEE)

https://doi.org/10.1109/secpri.2004.1301329

Abstract

We expect a future where we are surrounded by embed- ded devices, ranging from Java-enabled cell phones to sen- sor networks and smart appliances. An adversary can com- promise our privacy and safety by maliciously modifying the memory contents of these embedded devices. In this paper, we propose a SoftWare-based ATTestation technique (SWATT) to verify the memory contents of embedded de- vices and establish the absence of malicious changes to the memory contents. SWATT does not need physical access to the device's memory, yet provides memory content at- testation similar to TCG or NGSCB without requiring se- cure hardware. SWATT can detect any change in memory contents with high probability, thus detecting viruses, un - expected configuration settings, and Trojan Horses. To cir- cumvent SWATT, we expect that an attacker needs to change the hardware to hide memory content changes. We present an implementation of SWATT in off-the-shelf sensor network devices, which enables us to verify the con- tents of the program memory even while the sensor node is running.

Keywords

This publication has 5 references indexed in Scilit:

A secure and reliable bootstrap architecture
Published by Institute of Electrical and Electronics Engineers (IEEE) ,2002
Denali
Published by Association for Computing Machinery (ACM) ,2002
System architecture directions for networked sensors
Published by Association for Computing Machinery (ACM) ,2000
Building a high-performance, programmable secure coprocessor
Computer Networks, 1999
Using a high-performance, programmable secure coprocessor
Published by Springer Nature ,1998