Nokia Corporation, 90620 Oulu, Finland.
Department of Technology and Information Systems, University of Castilla-La Mancha, 13001 Ciudad Real, Spain.
Sensors (Basel). 2023 May 16;23(10):4794. doi: 10.3390/s23104794.
Internet of Things cybersecurity is gaining attention as the number of devices installed in IoT environments is exponentially increasing while the number of attacks successfully addressed to these devices are also proliferating. Security concerns have, however, been mainly addressed to service availability and information integrity and confidentiality. Code integrity, on the other hand, is not receiving proper attention, mainly because of the limited resources of these devices, thus preventing the implementation of advanced protection mechanisms. This situation calls for further research on how traditional mechanisms for code integrity can be adapted to IoT devices. This work presents a mechanism for code integrity in IoT devices based on a virtual-machine approach. A proof-of-concept virtual machine is presented, specially designed for providing code integrity during firmware updates. The proposed approach has been experimentally validated in terms of resource consumption among the most-widespread micro-controller units. The obtained results demonstrate the feasibility of this robust mechanism for code integrity.
物联网的网络安全正受到越来越多的关注,因为物联网环境中安装的设备数量呈指数级增长,而针对这些设备的成功攻击数量也在不断增加。然而,安全关注点主要集中在服务可用性和信息完整性和保密性上。另一方面,代码完整性并没有得到适当的关注,主要是因为这些设备的资源有限,从而阻止了先进保护机制的实施。这种情况要求进一步研究如何将传统的代码完整性机制应用于物联网设备。这项工作提出了一种基于虚拟机方法的物联网设备代码完整性机制。提出了一种特别设计的虚拟机,用于在固件更新期间提供代码完整性。在所研究的最广泛的微控制器单元中,从资源消耗的角度对提出的方法进行了实验验证。实验结果表明,该代码完整性的健壮机制是可行的。
