{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,10]],"date-time":"2026-02-10T05:56:21Z","timestamp":1770702981975,"version":"3.49.0"},"reference-count":59,"publisher":"Springer Science and Business Media LLC","issue":"1","license":[{"start":{"date-parts":[[2025,2,1]],"date-time":"2025-02-01T00:00:00Z","timestamp":1738368000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2025,2,4]],"date-time":"2025-02-04T00:00:00Z","timestamp":1738627200000},"content-version":"vor","delay-in-days":3,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"funder":[{"DOI":"10.13039\/100009473","name":"Universidad de M\u00e1laga","doi-asserted-by":"crossref","id":[{"id":"10.13039\/100009473","id-type":"DOI","asserted-by":"crossref"}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Int. J. Inf. Secur."],"published-print":{"date-parts":[[2025,2]]},"abstract":"<jats:title>Abstract<\/jats:title>\n          <jats:p>The proliferation of Internet of Things and cyberphysical systems has introduced unprecedented challenges in ensuring the integrity and confidentiality of critical data, making robust security mechanisms essential. There are several mechanisms intended to assure trust with respect to the software loaded into the system and the trustworthiness of the boot process. These mechanisms start from a Root of Trust (RoT), from where all the other trusts, e.g., for components and software are derived. As part of the <jats:italic>RoT<\/jats:italic>, a Secure Storage is needed. This Secure Storage can be considered as part of the <jats:italic>RoT<\/jats:italic> or considered a separate component. After a <jats:italic>RoT<\/jats:italic> is established, a Trusted Boot can be performed. The execution of computational processes can then be supported by using separate execution zones (<jats:italic>Zone Isolation<\/jats:italic>). More complex trust functions such as remote attestation can be performed by a <jats:italic>Trusted Platform Module<\/jats:italic>\n            <jats:italic>(TPM)<\/jats:italic>. In this paper, we propose security patterns for these components. The abstraction power of patterns can be used to define the basic aspects that each of these components must have, thus serving as reference for designers and for security evaluation.<\/jats:p>","DOI":"10.1007\/s10207-024-00972-3","type":"journal-article","created":{"date-parts":[[2025,2,4]],"date-time":"2025-02-04T21:45:31Z","timestamp":1738705531000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":6,"title":["A cluster of patterns for trusted computing"],"prefix":"10.1007","volume":"24","author":[{"given":"Eduardo B.","family":"Fernandez","sequence":"first","affiliation":[]},{"given":"Antonio","family":"Mu\u00f1oz","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2025,2,4]]},"reference":[{"issue":"9","key":"972_CR1","doi-asserted-by":"publisher","first-page":"1062","DOI":"10.1002\/sec.393","volume":"5","author":"M Alam","year":"2012","unstructured":"Alam, M., Ali, T., Khan, S., Khan, S., Ali, M., Nauman, M., Alghathbar, K.: Analysis of existing remote attestation techniques. Secur. Commun. Netw. 5(9), 1062\u20131082 (2012)","journal-title":"Secur. Commun. Netw."},{"key":"972_CR2","first-page":"251","volume":"2023","author":"U Ali","year":"2023","unstructured":"Ali, U., Omar, H., Ma, C., Garg, V., Khan, O.: Hardware root-of-trust implementations in trusted execution environments. IACR Cryptol. ePrint Arch. 2023, 251 (2023)","journal-title":"IACR Cryptol. ePrint Arch."},{"key":"972_CR3","unstructured":"Amael, J.T., Natan, O., Istiyanto, J.E.: High-security hardware module with PUF and hybrid cryptography for data security (2024). arXiv preprint arXiv:2409.09928"},{"key":"972_CR4","doi-asserted-by":"crossref","unstructured":"Arbaugh, W.A., Farber, D.J., Smith, J.M.: A secure and reliable bootstrap architecture. In: Proceedings of the IEEE Symposium on Security and Privacy, pp. 65\u201371. IEEE Computer Society Press (1997)","DOI":"10.1109\/SECPRI.1997.601317"},{"key":"972_CR5","doi-asserted-by":"publisher","DOI":"10.1007\/978-1-4302-6584-9","volume-title":"A Practical Guide to TPM 2.0: Using the New Trusted Platform Module in the New Age of Security","author":"W Arthur","year":"2015","unstructured":"Arthur, W., Challener, D., Goldman, K.: A Practical Guide to TPM 2.0: Using the New Trusted Platform Module in the New Age of Security. Springer (2015)"},{"key":"972_CR6","unstructured":"MITRE ATT &CK: MITRE ATT &CK (2021). https:\/\/attack.mitre.org"},{"key":"972_CR7","unstructured":"MITRE ATT &CK: Sub-technique t1542.001: system firmware (2024). Accessed 26 Nov 2024"},{"key":"972_CR8","unstructured":"MITRE ATT &CK: Sub-technique t1562.001: disable or modify tools (2024). Accessed 26 Nov 2024"},{"key":"972_CR9","unstructured":"MITRE ATT &CK: Sub-technique t1600.001: weaken encryption: reduce key space (2024). Accessed 26 Nov 2024"},{"key":"972_CR10","unstructured":"MITRE ATT &CK: Technique t1059: command and scripting interpreter (2024). Accessed 26 Nov 2024"},{"key":"972_CR11","unstructured":"MITRE ATT &CK: Technique t1195: supply chain compromise (2024). Accessed 26 Nov 2024"},{"key":"972_CR12","unstructured":"MITRE ATT &CK: Technique t1542: pre-os boot (2024). Accessed 25 Nov 2024"},{"key":"972_CR13","unstructured":"MITRE ATT &CK: Technique t1547: boot or logon autostart execution (2024). Accessed 25 Nov 2024"},{"key":"972_CR14","unstructured":"MITRE ATT &CK: Technique t1555: credentials from password stores (2024). Accessed 25 Nov 2024"},{"key":"972_CR15","unstructured":"MITRE ATT &CK: Technique t1566: phishing (2024). Accessed 26 Nov 2024"},{"key":"972_CR16","unstructured":"MITRE ATT &CK: Technique t1570: lateral tool transfer (2024). Accessed 25 Nov 2024"},{"key":"972_CR17","volume-title":"Pattern-Oriented Software Architecture: A System of Patterns","author":"F Buschmann","year":"1996","unstructured":"Buschmann, F., Meunier, R., Rohnert, H., Sommerlad, P., Stal, M.: Pattern-Oriented Software Architecture: A System of Patterns, vol. 1. Wiley (1996)"},{"key":"972_CR18","unstructured":"Chabaud, F.: Setting hardware root-of-trust from edge to cloud, and how to use it. In: C &ESAR, pp. 115\u2013130 (2022)"},{"key":"972_CR19","unstructured":"Chakraborty, D., Hanzlik, L., Bugiel, S.: $$\\{$$simTPM$$\\}$$: user-centric $$\\{$$TPM$$\\}$$ for mobile devices. In: 28th USENIX Security Symposium (USENIX Security 19), pp. 533\u2013550 (2019)"},{"key":"972_CR20","unstructured":"CyberArk Software Ltd: Cyberark: leader in identity security (2024). Accessed 26 Nov 2024"},{"key":"972_CR21","doi-asserted-by":"crossref","unstructured":"Ehret, A., Moore, P., Stojkov, M., Kinsy, M.A.: Hardware root-of-trust support for operational technology cybersecurity in critical infrastructures. In: 2023 IEEE High Performance Extreme Computing Conference (HPEC), pp. 1\u20137. IEEE (2023)","DOI":"10.1109\/HPEC58863.2023.10363457"},{"key":"972_CR22","unstructured":"Fernandez, E.B.: Security patterns in practice: building secure architectures using software patterns. Wiley Series on Software Design Patterns (2013)"},{"key":"972_CR23","unstructured":"Fernandez, E.B., Forneron, J.: A security pattern for zone isolation using virtual processors in mobile and embedded systems. In: 12th Latin American Pattern Languages of Programs Conference, Valparaiso, Chile, November (2018)"},{"key":"972_CR24","doi-asserted-by":"crossref","unstructured":"Fernandez, E.B., LaRed, M.D.: Patterns for the secure and reliable execution of processes. In: Proceedings of the 15th International Conference on Pattern Languages of Programs (PLoP 2008), Nashville, TN, October (2008)","DOI":"10.1145\/1753196.1753225"},{"key":"972_CR25","doi-asserted-by":"crossref","unstructured":"Fernandez, E.B., Yoshioka, N., Washizaki, H., Yoder, J.: Abstract security patterns and the design of secure systems. Cybersecurity (2022)","DOI":"10.1186\/s42400-022-00109-w"},{"issue":"9","key":"972_CR26","doi-asserted-by":"publisher","first-page":"1216","DOI":"10.1109\/TC.2008.69","volume":"57","author":"L Fiorin","year":"2008","unstructured":"Fiorin, L., Palermo, G., Lukovic, S., Catalano, V., Silvano, C.: Secure memory accesses on networks-on-chip. IEEE Trans. Comput. 57(9), 1216\u20131229 (2008)","journal-title":"IEEE Trans. Comput."},{"key":"972_CR27","unstructured":"Google: Android verified boot (AVB) (2013). Accessed 3 Dec 2024"},{"key":"972_CR28","doi-asserted-by":"crossref","unstructured":"Hoeller, A., Toegl, R.: Trusted platform modules in cyber-physical systems: on the interference between security and dependability. In: 2018 IEEE European Symposium on Security and Privacy Workshops (EuroS &PW), pp. 136\u2013144 (2018)","DOI":"10.1109\/EuroSPW.2018.00026"},{"key":"972_CR29","unstructured":"Huawei: Emui 8.0 security technical white paper. https:\/\/consumer-img.huawei.com\/content\/dam\/huawei-cbg-site\/en\/mkt\/legal\/privacy-policy\/EMUIOctober 2017"},{"key":"972_CR30","doi-asserted-by":"crossref","unstructured":"Li, Y., Cheng, Y., Gligor, V., Perrig, A.: Establishing software-only root of trust on embedded systems: facts and fiction. In: Christianson, B. et al. (eds.) Security Protocols 2015, LNCS 9379, pp. 50\u201368 (2015)","DOI":"10.1007\/978-3-319-26096-9_7"},{"key":"972_CR31","doi-asserted-by":"crossref","unstructured":"Lohr, H., Sadeghi, A-R., Winandy, M.: Patterns for secure boot and secure storage in computer systems. In: 2010 International Conference on Availability, Reliability and Security (ARES 2010), pp. 569\u2013573 (2010)","DOI":"10.1109\/ARES.2010.110"},{"key":"972_CR32","unstructured":"Maene, P.: Lightweight roots of trust for modern systems-on-chip (2019)"},{"key":"972_CR33","unstructured":"Mao, J., Zhu, H., Fan, J., Li, L., Chang, X.: Towards trust proof for secure confidential virtual machines (2024). arXiv preprint arXiv:2405.01030"},{"key":"972_CR34","unstructured":"Microsoft: Bitlocker drive encryption (2007). Accessed 3 Dec 2024"},{"key":"972_CR35","unstructured":"Microsoft: Secure boot. https:\/\/learn.microsoft.com\/en-us\/windows-hardware\/design\/device-experiences\/oem-secure-boot Accessed 2023"},{"key":"972_CR36","unstructured":"MITRE ATT &CK: Technique T1542.002: component firmware (2024). Accessed 26 Nov 2024"},{"key":"972_CR37","unstructured":"MITRE ATT &CK: Technique T1542.003: BOOTKIT (2024). Accessed 25 Nov 2024"},{"key":"972_CR38","unstructured":"MITRE ATT &CK: Technique T1556.001: credential dumping: LSASS memory (2024). Accessed 25 Nov 2024"},{"key":"972_CR39","doi-asserted-by":"crossref","unstructured":"Mu\u00f1oz, A., Fernandez, E.B.: TPM, a pattern for an architecture for trusted computing. In: Proceedings of the European Conference on Pattern Languages of Programs (EuroPLoP), vol. 2020, pp. 1\u20138 (2020)","DOI":"10.1145\/3424771.3424781"},{"key":"972_CR40","doi-asserted-by":"crossref","unstructured":"Mu\u00f1oz, A., R\u00edos, R., Rom\u00e1n, R., L\u00f3pez, J.: A survey on the (in)security of trusted execution environments. Comput. Secur. (2023)","DOI":"10.1016\/j.cose.2023.103180"},{"issue":"1","key":"972_CR41","first-page":"1","volume":"1","author":"A Mu\u00f1oz","year":"2018","unstructured":"Mu\u00f1oz, A., Lopez, J.: A security pattern for cloud service certification. ScienceDirect 1(1), 1\u20137 (2018)","journal-title":"ScienceDirect"},{"key":"972_CR42","unstructured":"National Institute of Standards and Technology: Framework for Improving Critical Infrastructure Cybersecurity, Version 1.0 (2014). Accessed 25 Nov 2024"},{"key":"972_CR43","unstructured":"National Institute of Standards and Technology: FIPS 140-2: security requirements for cryptographic modules (2001). Accessed 26 Nov 2024"},{"key":"972_CR44","unstructured":"Open Mobile Terminal Platform Group (OMTP): Open mobile terminal platform group (OMTP) (2015). Accessed 26 Nov 2024"},{"issue":"2","key":"972_CR45","doi-asserted-by":"publisher","first-page":"16","DOI":"10.1109\/MSP.2005.40","volume":"3","author":"R Oppliger","year":"2005","unstructured":"Oppliger, R., Rytz, R.: Does trusted computing remedy computer security problems? IEEE Secur. Priv. 3(2), 16\u201319 (2005)","journal-title":"IEEE Secur. Priv."},{"key":"972_CR46","doi-asserted-by":"publisher","first-page":"487","DOI":"10.1016\/j.procs.2020.03.264","volume":"167","author":"P Parmar","year":"2020","unstructured":"Parmar, P., Bhavsar, M.: Achieving trust using rot in IAAS cloud. Procedia Comput. Sci. 167, 487\u2013495 (2020)","journal-title":"Procedia Comput. Sci."},{"key":"972_CR47","doi-asserted-by":"crossref","unstructured":"Parthipan, L., Chen, L., Newton, C.J.P., Li, Y., Liu, F., Wang, D.: Drot: a decentralised root of trust for trusted networks. In: International Conference on Information and Communications Security, pp. 683\u2013701. Springer (2023)","DOI":"10.1007\/978-981-99-7356-9_40"},{"key":"972_CR48","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2023.103514","volume":"135","author":"C Plappert","year":"2023","unstructured":"Plappert, C., Lorych, D., Eckel, M., J\u00e4ger, L., Fuchs, A., Heddergott, R.: Evaluating the applicability of hardware trust anchors for automotive applications. Comput. Secur. 135, 103514 (2023)","journal-title":"Comput. Secur."},{"key":"972_CR49","unstructured":"Rambus: Hardware root of trust: everything you need to know. Accessed 25 Nov 2024"},{"key":"972_CR50","unstructured":"Inc. Rambus. Root of trust rt-600 series: security anchored in hardware (2021). https:\/\/www.rambus.com\/security\/root-of-trust\/rt-600-series\/"},{"key":"972_CR51","doi-asserted-by":"crossref","unstructured":"Sabt, M., Achemlal, M., Bouabdallah, A.: Trusted execution environment: what it is, and what it is not. In: 2015 IEEE Trustcom\/BigDataSE\/Ispa, vol.\u00a01, pp. 57\u201364 (2015)","DOI":"10.1109\/Trustcom.2015.357"},{"key":"972_CR52","doi-asserted-by":"crossref","unstructured":"Shimizu, K., Nusser, S., Plouffe, W., Zbarsky, V., Sakamoto, M., Murase, M.: Cell broadband $${\\text{engine}}^{TM}$$ processor security architecture and digital content protection. In: Proceedings of the 4th ACM International Workshop on Contents Protection and Security, pp. 13\u201318 (2006)","DOI":"10.1145\/1178766.1178771"},{"key":"972_CR53","doi-asserted-by":"crossref","unstructured":"Sun, H., Sun, K., Wang, Y., Jing, J., Wang, H.: Trustice: hardware-assisted isolated computing environments on mobile devices. In: 2015 45th Annual IEEE\/IFIP International Conference on Dependable Systems and Networks, pp. 367\u2013378. IEEE (2015)","DOI":"10.1109\/DSN.2015.11"},{"key":"972_CR54","unstructured":"Synopsys, Inc: DesignWare tRoot Secure Hardware Root of Trust. Accessed 1 Dec 2024"},{"key":"972_CR55","unstructured":"Trusted Computing Group: TCG TPM Specification, Version 1.2, Revision 103 (2007). Accessed 26 Nov 2024"},{"key":"972_CR56","doi-asserted-by":"crossref","unstructured":"Winter, J.: Trusted computing building blocks for embedded linux-based arm trustzone platforms. In: STC\u201908, pp. 21\u201330, Fairfax, VA, USA. ACM (2008)","DOI":"10.1145\/1456455.1456460"},{"key":"972_CR57","doi-asserted-by":"crossref","unstructured":"Wu, Y., Skipper, G., Cui, A.: Uprooting trust: Learnings from an unpatchable hardware root-of-trust vulnerability in siemens s7-1500 plcs. In: 2023 IEEE International Symposium on Hardware Oriented Security and Trust (HOST), pp. 179\u2013190. IEEE Computer Society (2023)","DOI":"10.1109\/HOST55118.2023.10133438"},{"key":"972_CR58","doi-asserted-by":"publisher","DOI":"10.1016\/j.iot.2023.100766","volume":"22","author":"S Zahid","year":"2023","unstructured":"Zahid, S., Mazhar, M.S., Abbas, S.G., Hanif, Z., Hina, S., Shah, G.A.: Threat modeling in smart firefighting systems: aligning MITRE ATT &CK matrix and NIST security controls. Internet Things 22, 100766 (2023)","journal-title":"Internet Things"},{"key":"972_CR59","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2023.103095","volume":"127","author":"C Zheng","year":"2023","unstructured":"Zheng, C., Li, J., Yao, X.: Design and implementation of trusted boot based on a new trusted computing dual-architecture. Comput. Secur. 127, 103095 (2023)","journal-title":"Comput. Secur."}],"container-title":["International Journal of Information Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10207-024-00972-3.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s10207-024-00972-3\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10207-024-00972-3.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,2,12]],"date-time":"2025-02-12T05:19:05Z","timestamp":1739337545000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s10207-024-00972-3"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,2]]},"references-count":59,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2025,2]]}},"alternative-id":["972"],"URL":"https:\/\/doi.org\/10.1007\/s10207-024-00972-3","relation":{},"ISSN":["1615-5262","1615-5270"],"issn-type":[{"value":"1615-5262","type":"print"},{"value":"1615-5270","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025,2]]},"assertion":[{"value":"4 February 2025","order":1,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"The corresponding author declares that there is no Conflict of interest on behalf of all authors.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Conflict of interest"}},{"value":"The authors of this study have not conducted any research with humans or animals.","order":3,"name":"Ethics","group":{"name":"EthicsHeading","label":"Compliance with ethical standards"}}],"article-number":"72"}}