{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,13]],"date-time":"2026-04-13T10:01:45Z","timestamp":1776074505402,"version":"3.50.1"},"reference-count":63,"publisher":"Springer Science and Business Media LLC","issue":"2","license":[{"start":{"date-parts":[[2026,3,28]],"date-time":"2026-03-28T00:00:00Z","timestamp":1774656000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2026,3,28]],"date-time":"2026-03-28T00:00:00Z","timestamp":1774656000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"funder":[{"name":"Wallenberg AI, Autonomous Systems and Software Program"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Int. J. Inf. Secur."],"abstract":"<jats:title>Abstract<\/jats:title>\n                  <jats:p>Remote attestation enables centralized entities to assess the trustworthiness of remote devices. However, despite its utility, existing approaches often lack explicit support for secure software updates, which are essential for maintaining long-term security in embedded systems. This paper presents RASUES, a remote-attestation-based scheme specifically designed to integrate software update mechanisms into embedded systems. To achieve this, we extend the RATS (Remote ATtestation procedureS) RFC 9334 specification with an update procedure that accounts for both the expected state before and after the update. We implement the core functionality of RASUES on a TPM-based embedded hardware platform to demonstrate its feasibility. We evaluate the latency of the prototype and analyze its security properties, revealing that RASUES introduces minimal performance overhead while significantly enhancing security under defined assumptions. 
Furthermore, we conduct a comprehensive security analysis to identify potential threats and demonstrate how RASUES mitigates them. We also highlight areas in which the protocol must be complemented with additional security mechanisms, ensuring a transparent evaluation of RASUES\u2019s capabilities and limitations.<\/jats:p>","DOI":"10.1007\/s10207-026-01233-1","type":"journal-article","created":{"date-parts":[[2026,3,28]],"date-time":"2026-03-28T12:51:39Z","timestamp":1774702299000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Bridging remote attestation and secure software updates in embedded systems"],"prefix":"10.1007","volume":"25","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-6781-1420","authenticated-orcid":false,"given":"Ahmad B.","family":"Usman","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0001-9886-6651","authenticated-orcid":false,"given":"Zeeshan","family":"Afzal","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1916-3398","authenticated-orcid":false,"given":"Mikael","family":"Asplund","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2026,3,28]]},"reference":[{"key":"1233_CR1","doi-asserted-by":"publisher","first-page":"124589","DOI":"10.1109\/ACCESS.2024.3454555","volume":"12","author":"S Al Atiiq","year":"2024","unstructured":"Al Atiiq, S., Gehrmann, C.: Regaining dominance in cider and lazarus. IEEE Access 12, 124589\u2013124603 (2024). https:\/\/doi.org\/10.1109\/ACCESS.2024.3454555","journal-title":"IEEE Access"},{"key":"1233_CR2","doi-asserted-by":"publisher","unstructured":"Asokan, N., Nyman, T., Rattanavipanon, N., Sadeghi, A.R., Tsudik, G.: Assured: Architecture for secure software update of realistic embedded devices. IEEE Trans. Comput. Aided Des. Integr. Circuits Syst. (2018). 
https:\/\/doi.org\/10.1109\/TCAD.2018.2858422","DOI":"10.1109\/TCAD.2018.2858422"},{"key":"1233_CR3","unstructured":"AWDT_2020, StefanT T, Clifford EB, Paul E, Dennis James M, Marcus P (2020) WO2020197805 -CRYPTOGRAPHICHARDWARE. https:\/\/patentscope.wipo.int\/search\/en\/detail.jsf?docId=WO2020197805. Accessed 25 Feb 2026"},{"key":"1233_CR4","doi-asserted-by":"publisher","unstructured":"Barbareschi, M., Battista, E., Mazzeo, A., Venkatesan, S.: Advancing wsn physical security adopting tpm-based architectures. In: Proceedings of the 2014 IEEE 15th International Conference on Information Reuse and Integration (IEEE IRI 2014), pp. 394\u2013399 (2014). https:\/\/doi.org\/10.1109\/IRI.2014.7051916","DOI":"10.1109\/IRI.2014.7051916"},{"key":"1233_CR5","unstructured":"Bellissimo, A., Burgess, J., Fu, K.: Secure software updates: Disappointments and new challenges. In: First USENIX Workshop on Hot Topics in Security (HotSec 06). USENIX Association, Vancouver, B.C. Canada (2006). https:\/\/www.usenix.org\/conference\/hotsec-06\/secure-software-updates-disappointments-and-new-challenges"},{"key":"1233_CR6","doi-asserted-by":"crossref","unstructured":"Birkholz, H., Thaler, D., Richardson, M., Smith, N., Pan, W.: Rfc 9334: Remote attestation procedures (rats) architecture (2023). 10.17487\/RFC9334","DOI":"10.17487\/RFC9334"},{"key":"1233_CR7","doi-asserted-by":"crossref","unstructured":"Bormann, C., Hoffman, P.: Concise binary object representation (cbor). Tech. rep. (2013). https:\/\/datatracker.ietf.org\/doc\/html\/rfc8949","DOI":"10.17487\/rfc7049"},{"key":"1233_CR8","doi-asserted-by":"publisher","unstructured":"Carpent, X., Rattanavipanon, N., Tsudik, G.: Remote attestation of iot devices via smarm: Shuffled measurements against roving malware. In: 2018 IEEE International Symposium on Hardware Oriented Security and Trust (HOST), pp. 9\u201316 (2018). 
https:\/\/doi.org\/10.1109\/HST.2018.8383885","DOI":"10.1109\/HST.2018.8383885"},{"key":"1233_CR9","doi-asserted-by":"publisher","unstructured":"Castelluccia, C., Francillon, A., Perito, D., Soriente, C.: On the difficulty of software-based attestation of embedded devices. In: Proceedings of the 16th ACM Conference on Computer and Communications Security, CCS \u201909, p. 400\u2013409. Association for Computing Machinery, New York, NY, USA (2009). https:\/\/doi.org\/10.1145\/1653662.1653711","DOI":"10.1145\/1653662.1653711"},{"key":"1233_CR10","doi-asserted-by":"publisher","DOI":"10.1016\/j.iot.2025.101513","volume":"30","author":"J Cec\u00edlio","year":"2025","unstructured":"Cec\u00edlio, J., de S\u00e1, A.O., J\u00e4ger, G., Souto, A., Casimiro, A.: Lwsee: Lightweight secured software-based execution environment. Internet of Things 30, 101513 (2025). https:\/\/doi.org\/10.1016\/j.iot.2025.101513","journal-title":"Internet of Things"},{"key":"1233_CR11","doi-asserted-by":"crossref","unstructured":"Coughlin, A., Cusack, G., Wampler, J., Keller, E., Wustrow, E.: Breaking the trust dependence on third party processes for reconfigurable secure hardware. In: Proceedings of the 2019 ACM\/SIGDA International Symposium on Field-Programmable Gate Arrays, FPGA \u201919, p. 282\u2013291. Association for Computing Machinery, New York, NY, USA (2019). DOI: 10.1145\/3289602.3293895","DOI":"10.1145\/3289602.3293895"},{"key":"1233_CR12","doi-asserted-by":"publisher","unstructured":"De Oliveira Nunes, I., Jakkamsetti, S., Kim, Y., Tsudik, G.: Casu: Compromise avoidance via secure update for low-end embedded systems. In: Proceedings of the 41st IEEE\/ACM International Conference on Computer-Aided Design, ICCAD \u201922. Association for Computing Machinery, New York, NY, USA (2022). 
https:\/\/doi.org\/10.1145\/3508352.3549450","DOI":"10.1145\/3508352.3549450"},{"key":"1233_CR13","doi-asserted-by":"publisher","unstructured":"De Oliveira Nunes, I., Jakkamsetti, S., Rattanavipanon, N., Tsudik, G.: On the toctou problem in remote attestation. In: Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security, CCS \u201921, p. 2921\u20132936. Association for Computing Machinery, New York, NY, USA (2021). https:\/\/doi.org\/10.1145\/3460120.3484532","DOI":"10.1145\/3460120.3484532"},{"key":"1233_CR14","doi-asserted-by":"publisher","unstructured":"Debes, H.B., Dushku, E., Giannetsos, T., Marandi, A.: Zekra: Zero-knowledge control-flow attestation. In: Proceedings of the 2023 ACM Asia Conference on Computer and Communications Security, ASIA CCS \u201923, p. 357\u2013371. Association for Computing Machinery, New York, NY, USA (2023). https:\/\/doi.org\/10.1145\/3579856.3582833","DOI":"10.1145\/3579856.3582833"},{"key":"1233_CR15","unstructured":"Defrawy, K.M.E., Tsudik, G., Francillon, A., Perito, D.: Smart: Secure and minimal architecture for (establishing dynamic) root of trust. In: Network and Distributed System Security Symposium (2012). https:\/\/api.semanticscholar.org\/CorpusID:909934"},{"key":"1233_CR16","doi-asserted-by":"crossref","unstructured":"Dierks, T., Rescorla, E.: Rfc 5246: The transport layer security (tls) protocol version 1.2 (2008)","DOI":"10.17487\/rfc5246"},{"key":"1233_CR17","doi-asserted-by":"publisher","unstructured":"Eckel, M., George, D.R., Grohmann, B., Krau\u00df, C.: Remote attestation with constrained disclosure. In: Proceedings of the 39th Annual Computer Security Applications Conference, ACSAC \u201923, p. 718\u2013731. Association for Computing Machinery, New York, NY, USA (2023). 
https:\/\/doi.org\/10.1145\/3627106.3627118","DOI":"10.1145\/3627106.3627118"},{"key":"1233_CR18","doi-asserted-by":"publisher","unstructured":"Eckel, M., G\u00fcrgens, S.: Secura: Unified reference architecture for advanced security and trust in safety critical infrastructures. In: Proceedings of the 19th International Conference on Availability, Reliability and Security, ARES \u201924. Association for Computing Machinery, New York, NY, USA (2024). https:\/\/doi.org\/10.1145\/3664476.3664513","DOI":"10.1145\/3664476.3664513"},{"key":"1233_CR19","doi-asserted-by":"publisher","unstructured":"Eckel, M., Gutsche, T., Lauer, H., Rein, A.: A generic iot quantum-safe watchdog timer protocol. In: Proceedings of the 18th International Conference on Availability, Reliability and Security, ARES \u201923. Association for Computing Machinery, New York, NY, USA (2023). https:\/\/doi.org\/10.1145\/3600160.3605169","DOI":"10.1145\/3600160.3605169"},{"key":"1233_CR20","doi-asserted-by":"publisher","unstructured":"Eldefrawy, K., Rattanavipanon, N., Tsudik, G.: Hydra: hybrid design for remote attestation (using a formally verified microkernel). In: Proceedings of the 10th ACM Conference on Security and Privacy in Wireless and Mobile Networks, WiSec \u201917, p. 99\u2013110. Association for Computing Machinery, New York, NY, USA (2017). https:\/\/doi.org\/10.1145\/3098243.3098261","DOI":"10.1145\/3098243.3098261"},{"key":"1233_CR21","doi-asserted-by":"publisher","unstructured":"Feng, W., Qin, Y., Zhao, S., Liu, Z., Chu, X., Feng, D.: Secure code updates for smart embedded devices based on pufs. In: S. Capkun, S.S.M. Chow (eds.) Cryptology and Network Security, pp. 325\u2013346. Springer International Publishing, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-030-02641-7_15","DOI":"10.1007\/978-3-030-02641-7_15"},{"key":"1233_CR22","doi-asserted-by":"publisher","unstructured":"Geden, M., Rasmussen, K.: Hardware-assisted remote runtime attestation for critical embedded systems. 
In: 2019 17th International Conference on Privacy, Security and Trust (PST), pp. 1\u201310 (2019). https:\/\/doi.org\/10.1109\/PST47121.2019.8949036","DOI":"10.1109\/PST47121.2019.8949036"},{"key":"1233_CR23","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2022.109394","volume":"218","author":"A Ghosal","year":"2022","unstructured":"Ghosal, A., Halder, S., Conti, M.: Secure over-the-air software update for connected vehicles. Comput. Netw. 218, 109394 (2022)","journal-title":"Comput. Netw."},{"key":"1233_CR24","unstructured":"Grisafi, M., Ammar, M., Roveri, M., Crispo, B.: PISTIS: Trusted computing architecture for low-end embedded systems. In: 31st USENIX Security Symposium (USENIX Security 22), pp. 3843\u20133860. USENIX Association, Boston, MA (2022). https:\/\/www.usenix.org\/conference\/usenixsecurity22\/presentation\/grisafi"},{"key":"1233_CR25","doi-asserted-by":"crossref","unstructured":"Hao, F.: Schnorr Non-interactive Zero-Knowledge Proof. RFC 8235 (2017). 10.17487\/RFC8235","DOI":"10.17487\/RFC8235"},{"key":"1233_CR26","doi-asserted-by":"publisher","unstructured":"Huber, M., Hristozov, S., Ott, S., Sarafov, V., Peinado, M.: The lazarus effect: Healing compromised devices in the internet of small things. In: Proceedings of the 15th ACM Asia Conference on Computer and Communications Security, ASIA CCS \u201920, p. 6\u201319. Association for Computing Machinery, New York, NY, USA (2020). https:\/\/doi.org\/10.1145\/3320269.3384723","DOI":"10.1145\/3320269.3384723"},{"key":"1233_CR27","doi-asserted-by":"publisher","unstructured":"J\u00e4ger, L., Lorych, D., Eckel, M.: A resilient network node for the industrial internet of things. In: Proceedings of the 17th International Conference on Availability, Reliability and Security, ARES \u201922. Association for Computing Machinery, New York, NY, USA (2022). 
https:\/\/doi.org\/10.1145\/3538969.3538989","DOI":"10.1145\/3538969.3538989"},{"key":"1233_CR28","doi-asserted-by":"publisher","unstructured":"Karame, G.O., Li, W.: Secure erasure and code update in legacy sensors. In: M. Conti, M. Schunter, I. Askoxylakis (eds.) Trust and Trustworthy Computing, pp. 283\u2013299. Springer International Publishing, Cham (2015). https:\/\/doi.org\/10.1007\/978-3-319-22846-4_17","DOI":"10.1007\/978-3-319-22846-4_17"},{"key":"1233_CR29","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2022.102952","volume":"124","author":"A Khurshid","year":"2023","unstructured":"Khurshid, A., Raza, S.: Autocert: Automated toctou-secure digital certification for iot with combined authentication and assurance. Computers & Security 124, 102952 (2023). https:\/\/doi.org\/10.1016\/j.cose.2022.102952","journal-title":"Computers & Security"},{"key":"1233_CR30","doi-asserted-by":"publisher","unstructured":"Khurshid, A., Raza, S.: Autocert: Automated toctou-secure digital certification for iot with combined authentication and assurance. Computers & Security 124, 102952 (2023). https:\/\/doi.org\/10.1016\/j.cose.2022.102952https:\/\/www.sciencedirect.com\/science\/article\/pii\/S0167404822003443","DOI":"10.1016\/j.cose.2022.102952"},{"key":"1233_CR31","doi-asserted-by":"publisher","unstructured":"Koeberl, P., Schulz, S., Sadeghi, A.R., Varadharajan, V.: Trustlite: A security architecture for tiny embedded devices. In: Proceedings of the Ninth European Conference on Computer Systems, EuroSys \u201914. Association for Computing Machinery, New York, NY, USA (2014). https:\/\/doi.org\/10.1145\/2592798.2592824","DOI":"10.1145\/2592798.2592824"},{"issue":"5","key":"1233_CR32","doi-asserted-by":"publisher","first-page":"2920","DOI":"10.1109\/TDSC.2021.3077993","volume":"19","author":"S Kumar","year":"2022","unstructured":"Kumar, S., Eugster, P., Santini, S.: Software-based remote network attestation. IEEE Trans. Dependable Secure Comput. 
19(5), 2920\u20132933 (2022). https:\/\/doi.org\/10.1109\/TDSC.2021.3077993","journal-title":"IEEE Trans. Dependable Secure Comput."},{"key":"1233_CR33","unstructured":"Moghimi, D., Sunar, B., Eisenbarth, T., Heninger, N.: TPM-FAIL: TPM meets timing and lattice attacks. In: 29th USENIX Security Symposium (USENIX Security 20), pp. 2057\u20132073. USENIX Association (2020). https:\/\/www.usenix.org\/conference\/usenixsecurity20\/presentation\/moghimi-tpm"},{"key":"1233_CR34","doi-asserted-by":"publisher","first-page":"63","DOI":"10.1007\/978-3-642-00587-9_5","volume-title":"Trusted Computing","author":"M Nauman","year":"2009","unstructured":"Nauman, M., Alam, M., Zhang, X., Ali, T.: Remote attestation of attribute updates and information flows in a ucon system. In: Chen, L., Mitchell, C.J., Martin, A. (eds.) Trusted Computing, pp. 63\u201380. Springer, Berlin Heidelberg, Berlin, Heidelberg (2009)"},{"key":"1233_CR35","unstructured":"Nikitin, K., Kokoris-Kogias, E., Jovanovic, P., Gailly, N., Gasser, L., Khoffi, I., Cappos, J., Ford, B.: CHAINIAC: Proactive Software-Update transparency via collectively signed skipchains and verified builds. In: 26th USENIX Security Symposium (USENIX Security 17), pp. 1271\u20131287. USENIX Association, Vancouver, BC (2017). https:\/\/www.usenix.org\/conference\/usenixsecurity17\/technical-sessions\/presentation\/nikitin"},{"key":"1233_CR36","unstructured":"Noorman, J., Agten, P., Daniels, W., Strackx, R., Van Herrewege, A., Huygens, C., Preneel, B., Verbauwhede, I., Piessens, F.: Sancus: Low-cost trustworthy extensible networked devices with a zero-software trusted computing base. In: Proceedings of the 22nd USENIX Conference on Security, SEC\u201913, p. 479\u2013494. USENIX Association, USA (2013)"},{"key":"1233_CR37","unstructured":"Nunes, I.D.O., Eldefrawy, K., Rattanavipanon, N., Steiner, M., Tsudik, G.: VRASED: A verified Hardware\/Software Co-Design for remote attestation. 
In: 28th USENIX Security Symposium (USENIX Security 19), pp. 1429\u20131446. USENIX Association, Santa Clara, CA (2019). https:\/\/www.usenix.org\/conference\/usenixsecurity19\/presentation\/de-oliveira-nunes"},{"key":"1233_CR38","doi-asserted-by":"publisher","unstructured":"de Oliveira Nunes, I., Eldefrawy, K., Rattanavipanon, N., Tsudik, G.: Pure: Using verified remote attestation to obtain proofs of update, reset and erasure in low-end embedded systems. In: 2019 IEEE\/ACM International Conference on Computer-Aided Design (ICCAD), pp. 1\u20138 (2019). https:\/\/doi.org\/10.1109\/ICCAD45719.2019.8942118","DOI":"10.1109\/ICCAD45719.2019.8942118"},{"key":"1233_CR39","doi-asserted-by":"publisher","unstructured":"Perito, D., Tsudik, G.: Secure code update for embedded devices via proofs of secure erasure. In: D. Gritzalis, B. Preneel, M. Theoharidou (eds.) Computer Security - ESORICS 2010, pp. 643\u2013662. Springer, Berlin Heidelberg, Berlin, Heidelberg (2010). https:\/\/doi.org\/10.1007\/978-3-642-15497-3_39","DOI":"10.1007\/978-3-642-15497-3_39"},{"key":"1233_CR40","doi-asserted-by":"publisher","unstructured":"Plappert, C., Fuchs, A.: Secure and lightweight ecu attestations for resilient over-the-air updates in connected vehicles. In: Proceedings of the 39th Annual Computer Security Applications Conference, ACSAC \u201923, p. 283\u2013297. Association for Computing Machinery, New York, NY, USA (2023). https:\/\/doi.org\/10.1145\/3627106.3627202","DOI":"10.1145\/3627106.3627202"},{"key":"1233_CR41","doi-asserted-by":"crossref","unstructured":"Ramachandran, K., Lutfiyya, H.: A remote attestation infrastructure for verifying the application of software updates. In: 2017 IFIP\/IEEE Symposium on Integrated Network and Service Management (IM), pp. 317\u2013325 (2017). 10.23919\/INM.2017.7987294","DOI":"10.23919\/INM.2017.7987294"},{"key":"1233_CR42","unstructured":"RASUES: https:\/\/github.com\/abusm4n\/rasues. 
Accessed: 2025-12-23"},{"key":"1233_CR43","doi-asserted-by":"crossref","unstructured":"Rawat, A., Khodari, M., Asplund, M., Gurtov, A.: Decentralized firmware attestation for in-vehicle networks. ACM Trans. Cyber-Phys. Syst. 5(1) (2021). DOI: 10.1145\/3418685","DOI":"10.1145\/3418685"},{"key":"1233_CR44","unstructured":"Salvador, O., Angolini, D.: Embedded Linux Development with Yocto Project. Packt Publishing Ltd (2014)"},{"key":"1233_CR45","doi-asserted-by":"publisher","unstructured":"Seshadri, A., Luk, M., Perrig, A., van Doorn, L., Khosla, P.: Scuba: Secure code update by attestation in sensor networks. In: Proceedings of the 5th ACM Workshop on Wireless Security, WiSe \u201906, p. 85\u201394. Association for Computing Machinery, New York, NY, USA (2006). https:\/\/doi.org\/10.1145\/1161289.1161306","DOI":"10.1145\/1161289.1161306"},{"key":"1233_CR46","doi-asserted-by":"publisher","unstructured":"Seshadri, A., Perrig, A., van Doorn, L., Khosla, P.: Swatt: software-based attestation for embedded devices. In: IEEE Symposium on Security and Privacy, 2004. Proceedings. 2004, pp. 272\u2013282 (2004). https:\/\/doi.org\/10.1109\/SECPRI.2004.1301329","DOI":"10.1109\/SECPRI.2004.1301329"},{"key":"1233_CR47","doi-asserted-by":"crossref","unstructured":"Shelby, Z., Hartke, K., Bormann, C.: The constrained application protocol (coap). Tech. rep. (2014). https:\/\/datatracker.ietf.org\/doc\/html\/rfc7252","DOI":"10.17487\/rfc7252"},{"key":"1233_CR48","unstructured":"SIT, F.: Charra: Challenge-response based remote attestation with tpm 2.0. Fraunhofer-SIT (2019). https:\/\/github.com\/Fraunhofer-SIT\/charra"},{"key":"1233_CR49","doi-asserted-by":"publisher","unstructured":"Surminski, S., Niesler, C., Brasser, F., Davi, L., Sadeghi, A.R.: Realswatt: Remote software-based attestation for embedded devices under realtime constraints. In: Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security, CCS \u201921, p. 2890\u20132905. 
Association for Computing Machinery, New York, NY, USA (2021). https:\/\/doi.org\/10.1145\/3460120.3484788","DOI":"10.1145\/3460120.3484788"},{"issue":"13","key":"1233_CR50","doi-asserted-by":"publisher","first-page":"2171","DOI":"10.1002\/sec.1162","volume":"8","author":"H Tan","year":"2015","unstructured":"Tan, H., Hu, W., Jha, S.: A remote attestation protocol with trusted platform modules (tpms) in wireless sensor networks. Security and Communication Networks 8(13), 2171\u20132188 (2015). https:\/\/doi.org\/10.1002\/sec.1162","journal-title":"Security and Communication Networks"},{"key":"1233_CR51","unstructured":"TCG: Trusted computing group (2003). https:\/\/trustedcomputinggroup.org. Last visited: 2023\u201307-28"},{"key":"1233_CR52","unstructured":"TCG: Tpm 2.0 authenticated countdown timer (act) command (2019). https:\/\/trustedcomputinggroup.org\/wp-content\/uploads\/TCG_TPM_ACTCommand_v1r3_pubrev.pdf. Last visited: 2024\u201302-16"},{"key":"1233_CR53","unstructured":"TCG: Tss 2.0 enhanced system api (esapi) specification (2021). https:\/\/trustedcomputinggroup.org\/wp-content\/uploads\/TSS_ESAPI_v1p0_r14_pub10012021.pdf. Last visited: 2023\u201308-07"},{"key":"1233_CR54","unstructured":"TCG: Dice attestation architecture (2023). https:\/\/trustedcomputinggroup.org\/wp-content\/uploads\/DICE-Attestation-Architecture-Version-1.1-Revision-17_1August2023.pdf. Last visited: 2023\u201311-04"},{"key":"1233_CR55","doi-asserted-by":"publisher","unstructured":"Usman, A.B., Asplund, M.: Remote attestation with software updates in embedded systems. In: 2024 IEEE Conference on Communications and Network Security (CNS), pp. 1\u20136 (2024). https:\/\/doi.org\/10.1109\/CNS62487.2024.10735526","DOI":"10.1109\/CNS62487.2024.10735526"},{"key":"1233_CR56","doi-asserted-by":"publisher","unstructured":"Usman, A.B., Asplund, M.: Update at your own risk: Analysis and recommendations for update-related vulnerabilities. In: L. Nemec Zlatolas, K. Rannenberg, T. Welzer, J. 
Garcia-Alfaro (eds.) ICT Systems Security and Privacy Protection, pp. 97\u2013110. Springer Nature Switzerland, Cham (2025). https:\/\/doi.org\/10.1007\/978-3-031-92886-4_7","DOI":"10.1007\/978-3-031-92886-4_7"},{"key":"1233_CR57","doi-asserted-by":"publisher","unstructured":"Usman, A.B., Cole, N., Asplund, M., Boeira, F., Vestlund, C.: Remote attestation assurance arguments for trusted execution environments. In: Proceedings of the 2023 ACM Workshop on Secure and Trustworthy Cyber-Physical Systems, SaT-CPS \u201923, p. 33\u201342. Association for Computing Machinery, New York, NY, USA (2023). https:\/\/doi.org\/10.1145\/3579988.3585056","DOI":"10.1145\/3579988.3585056"},{"key":"1233_CR58","doi-asserted-by":"publisher","unstructured":"Wagner, P.G., Beyerer, J.: Quantifying trustworthiness in decentralized trusted applications. In: Proceedings of the 2022 ACM Workshop on Secure and Trustworthy Cyber-Physical Systems, Sat-CPS \u201922, p. 67\u201376. Association for Computing Machinery, New York, NY, USA (2022). https:\/\/doi.org\/10.1145\/3510547.3517930","DOI":"10.1145\/3510547.3517930"},{"key":"1233_CR59","unstructured":"Wang, J., Wang, Y., Li, A., Xiao, Y., Zhang, R., Lou, W., Hou, Y.T., Zhang, N.: ARI: Attestation of real-time mission execution integrity. In: 32nd USENIX Security Symposium (USENIX Security 23), pp. 2761\u20132778. USENIX Association, Anaheim, CA (2023). https:\/\/www.usenix.org\/conference\/usenixsecurity23\/presentation\/wang-jinwen"},{"key":"1233_CR60","doi-asserted-by":"publisher","unstructured":"Wilson, J., Asplund, M., Johansson, N., Boeira, F.: Provably secure communication protocols for remote attestation. In: Proceedings of the 19th International Conference on Availability, Reliability and Security, ARES \u201924. Association for Computing Machinery, New York, NY, USA (2024). 
https:\/\/doi.org\/10.1145\/3664476.3664485","DOI":"10.1145\/3664476.3664485"},{"key":"1233_CR61","unstructured":"Wu, Y., Wang, J., Wang, Y., Zhai, S., Li, Z., He, Y., Sun, K., Li, Q., Zhang, N.: Your firmware has arrived: A study of firmware update vulnerabilities (2024). https:\/\/www.usenix.org\/conference\/usenixsecurity24\/presentation\/wu-yuhao"},{"key":"1233_CR62","doi-asserted-by":"publisher","unstructured":"Xu, M., Huber, M., Sun, Z., England, P., Peinado, M., Lee, S., Marochko, A., Mattoon, D., Spiger, R., Thom, S.: Dominance as a new trusted computing primitive for the internet of things. In: 2019 IEEE Symposium on Security and Privacy (SP), pp. 1415\u20131430 (2019). https:\/\/doi.org\/10.1109\/SP.2019.00084","DOI":"10.1109\/SP.2019.00084"},{"key":"1233_CR63","doi-asserted-by":"publisher","unstructured":"Yadav, N., Ganapathy, V.: Whole-program control-flow path attestation. In: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security, CCS \u201923, p. 2680\u20132694. Association for Computing Machinery, New York, NY, USA (2023). 
https:\/\/doi.org\/10.1145\/3576915.3616687","DOI":"10.1145\/3576915.3616687"}],"container-title":["International Journal of Information Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10207-026-01233-1.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s10207-026-01233-1","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10207-026-01233-1.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,4,13]],"date-time":"2026-04-13T09:22:51Z","timestamp":1776072171000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s10207-026-01233-1"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026,3,28]]},"references-count":63,"journal-issue":{"issue":"2","published-online":{"date-parts":[[2026,4]]}},"alternative-id":["1233"],"URL":"https:\/\/doi.org\/10.1007\/s10207-026-01233-1","relation":{},"ISSN":["1615-5270"],"issn-type":[{"value":"1615-5270","type":"electronic"}],"subject":[],"published":{"date-parts":[[2026,3,28]]},"assertion":[{"value":"5 September 2025","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"14 February 2026","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"28 March 2026","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"The authors declare no competing interests.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Competing interests"}}],"article-number":"75"}}
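The abstract above describes the core idea of RASUES: a RATS-style verifier that appraises the device's state against a reference value for the state expected before the update, and then against a reference value for the state expected after it. The following is an added illustration of that idea, not code from the paper or from the RASUES repository. It simulates TPM PCR-extend semantics with SHA-256, stands in for a TPM2_Quote signature with an HMAC under a pre-shared attestation key (a real prototype would verify an AK-signed quote), and uses constructed firmware images, a constructed key and random nonces; the message names and the phase logic are the example's own assumptions, not the paper's protocol format.

```python
"""Added example: RATS-style appraisal of pre- and post-update device state.
Not the paper's code. TPM quote signing is simulated with HMAC-SHA256 under a
pre-shared key; images, key and nonces are constructed sample data."""
from __future__ import annotations

import hashlib
import hmac
import os

PCR_INIT = bytes(32)  # a SHA-256 PCR bank starts as all-zero bytes


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def pcr_extend(pcr: bytes, event_digest: bytes) -> bytes:
    # TPM2_PCR_Extend semantics: PCR_new = H(PCR_old || event_digest)
    return sha256(pcr + event_digest)


def measure_images(images: list[bytes]) -> bytes:
    """Measured boot: extend each image digest into one PCR, in order."""
    pcr = PCR_INIT
    for img in images:
        pcr = pcr_extend(pcr, sha256(img))
    return pcr


# Constructed firmware images; the update replaces only the application image
BOOTLOADER = b"bootloader-v1"
APP_V1 = b"app-v1"
APP_V2 = b"app-v2"

AK = b"attestation-key-shared-for-the-example"  # stands in for the TPM AK


class Attester:
    """Device side: measures its images and answers challenges with a quote."""

    def __init__(self, images: list[bytes], applies_updates: bool = True):
        self.images = list(images)
        self.applies_updates = applies_updates  # False models a device that ignores the update

    def quote(self, nonce: bytes) -> dict:
        pcr = measure_images(self.images)
        sig = hmac.new(AK, nonce + pcr, hashlib.sha256).digest()
        return {"nonce": nonce, "pcr": pcr, "sig": sig}

    def apply_update(self, new_app: bytes) -> None:
        if self.applies_updates:
            self.images[-1] = new_app


class Verifier:
    """RATS verifier holding reference values for both sides of the update."""

    def __init__(self, ref_pre: bytes, ref_post: bytes):
        self.ref_pre = ref_pre
        self.ref_post = ref_post
        self.issued: set[bytes] = set()

    def challenge(self) -> bytes:
        nonce = os.urandom(16)
        self.issued.add(nonce)
        return nonce

    def appraise(self, ev: dict, phase: str) -> str:
        # Freshness: the nonce must be one we issued and not yet consumed
        if ev["nonce"] not in self.issued:
            return "reject: stale or unknown nonce"
        self.issued.discard(ev["nonce"])
        expected_sig = hmac.new(AK, ev["nonce"] + ev["pcr"], hashlib.sha256).digest()
        if not hmac.compare_digest(expected_sig, ev["sig"]):
            return "reject: bad signature"
        ref = self.ref_pre if phase == "pre" else self.ref_post
        if ev["pcr"] == ref:
            return f"accept: {phase}-update state matches reference"
        if phase == "post" and ev["pcr"] == self.ref_pre:
            return "reject: update not applied (still in pre-update state)"
        return f"reject: unexpected {phase}-update state"


def make_verifier() -> Verifier:
    return Verifier(measure_images([BOOTLOADER, APP_V1]),
                    measure_images([BOOTLOADER, APP_V2]))


def run_update(att: Attester, ver: Verifier, new_app: bytes) -> list[str]:
    """Pre-update appraisal, then update, then post-update appraisal."""
    results = [ver.appraise(att.quote(ver.challenge()), "pre")]
    if not results[0].startswith("accept"):
        return results  # never ship an update to a device in an unknown state
    att.apply_update(new_app)
    results.append(ver.appraise(att.quote(ver.challenge()), "post"))
    return results


if __name__ == "__main__":
    print(run_update(Attester([BOOTLOADER, APP_V1]), make_verifier(), APP_V2))
    print(run_update(Attester([BOOTLOADER, APP_V1], applies_updates=False), make_verifier(), APP_V2))
```

The post-update check distinguishes "update not applied" from an arbitrary bad state by comparing against the pre-update reference as well; a replayed quote fails on the consumed nonce before any state comparison happens, which is the freshness property the abstract's TOCTOU-aware design depends on.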