{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,1]],"date-time":"2025-11-01T02:44:16Z","timestamp":1761965056702,"version":"3.41.0"},"reference-count":31,"publisher":"Association for Computing Machinery (ACM)","issue":"5","license":[{"start":{"date-parts":[[2018,11,13]],"date-time":"2018-11-13T00:00:00Z","timestamp":1542067200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["SIGBED Rev."],"published-print":{"date-parts":[[2018,11,13]]},"abstract":"<jats:p>The current era can be characterized by the massive reliance on computing platforms in almost all domains, such as manufacturing, defense, healthcare, government. However, with the increased productivity, flexibility, and effectiveness that computers provide, comes the vulnerability to cyber-attacks where software, or even firmware, gets subtly modified by a hacker. The integration of a Trusted Platform Module (TPM) opts to tackle this issue by aiding in the detection of unauthorized modifications so that devices get remediation as needed. Nonetheless, the use of a TPM is impractical for resource-constrained devices due to power, space and cost limitations. With the recent proliferation of miniaturized devices along with the push towards the Internet-of Things (IoT) there is a need for a lightweight and practical alternative to the TPM. This paper proposes a cost-effective solution that incorporates modest amounts of integrated roots-of-trust logic and supports attestation of the integrity of the device's boot-up state. Our solution leverages crypto-acceleration modules found on many microprocessor and microcontroller based IoT devices nowadays, and introduces little additional overhead. The basic concepts have been validated through implementation on an SoC with an FPGA and a hard microcontroller. We report the validation results and highlight the involved tradeoffs.<\/jats:p>","DOI":"10.1145\/3292384.3292387","type":"journal-article","created":{"date-parts":[[2018,11,14]],"date-time":"2018-11-14T13:23:31Z","timestamp":1542201811000},"page":"14-21","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":8,"title":["IoT boot integrity measuring and reporting"],"prefix":"10.1145","volume":"15","author":[{"given":"Tom","family":"Brostr\u00f6m","sequence":"first","affiliation":[{"name":"Cyber Pack Ventures, Inc."}]},{"given":"John","family":"Zhu","sequence":"additional","affiliation":[{"name":"University of Maryland Baltimore County"}]},{"given":"Ryan","family":"Robucci","sequence":"additional","affiliation":[{"name":"University of Maryland Baltimore County"}]},{"given":"Mohamed","family":"Younis","sequence":"additional","affiliation":[{"name":"University of Maryland Baltimore County"}]}],"member":"320","published-online":{"date-parts":[[2018,11,13]]},"reference":[{"doi-asserted-by":"publisher","key":"e_1_2_1_1_1","DOI":"10.1109\/CC.2016.7781720"},{"doi-asserted-by":"crossref","unstructured":"Kinney S. Trusted Platform Module Basics 1<sup>st<\/sup> Ed.: Using TPM in Embedded Systems. (2006) Elsevier.   Kinney S. Trusted Platform Module Basics 1<sup>st<\/sup> Ed.: Using TPM in Embedded Systems. (2006) Elsevier.","key":"e_1_2_1_2_1","DOI":"10.1016\/B978-075067960-2\/50002-6"},{"key":"e_1_2_1_3_1","volume-title":"Proceedings TRUSTCOM'16","author":"Shepherd C.","year":"2016","unstructured":"Shepherd , C. et al., Secure and Trusted Execution: Past, Present, and Future - A Critical Review in the Context of the Internet of Things and Cyber-Physical Systems . in Proceedings TRUSTCOM'16 , (Tianjin, China , 2016 ), IEEE. Shepherd, C. et al., Secure and Trusted Execution: Past, Present, and Future - A Critical Review in the Context of the Internet of Things and Cyber-Physical Systems. in Proceedings TRUSTCOM'16, (Tianjin, China, 2016), IEEE."},{"key":"e_1_2_1_4_1","volume-title":"Family \"2.0\", Level 00 Revision 01.38, (September 29","author":"Trusted Platform Module Library","year":"2016","unstructured":"Trusted Platform Module Library , Part 1: Architecture , Family \"2.0\", Level 00 Revision 01.38, (September 29 , 2016 ), section 9.5.5 Integrity Measurement and Reporting Trusted Platform Module Library, Part 1: Architecture, Family \"2.0\", Level 00 Revision 01.38, (September 29, 2016), section 9.5.5 Integrity Measurement and Reporting"},{"unstructured":"Trusted Platform Architecture Hardware Requirements for a Device Identifier Composition Engine. https:\/\/www.trustedcomputinggroup.org  Trusted Platform Architecture Hardware Requirements for a Device Identifier Composition Engine. https:\/\/www.trustedcomputinggroup.org","key":"e_1_2_1_5_1"},{"key":"e_1_2_1_6_1","volume-title":"Building a Secure System using TrustZone Technology","author":"ARM","year":"2009","unstructured":"ARM , ARM Security Technology , Building a Secure System using TrustZone Technology , ARM White Paper , 2009 . ARM, ARM Security Technology, Building a Secure System using TrustZone Technology, ARM White Paper, 2009."},{"key":"e_1_2_1_7_1","volume-title":"Samsung Electronics","author":"Samsung Electronics","year":"2014","unstructured":"Samsung Electronics , White Paper : Samsung KNOX Premium , Samsung Electronics , Sep. 2014 . Samsung Electronics, White Paper: Samsung KNOX Premium, Samsung Electronics, Sep. 2014."},{"doi-asserted-by":"publisher","key":"e_1_2_1_8_1","DOI":"10.1007\/s00779-012-0543-0"},{"doi-asserted-by":"publisher","key":"e_1_2_1_9_1","DOI":"10.1145\/1457246.1457254"},{"doi-asserted-by":"publisher","key":"e_1_2_1_10_1","DOI":"10.1145\/1533057.1533075"},{"doi-asserted-by":"publisher","key":"e_1_2_1_11_1","DOI":"10.1109\/ISVLSI.2014.84"},{"doi-asserted-by":"publisher","key":"e_1_2_1_12_1","DOI":"10.1109\/TSG.2011.2174811"},{"doi-asserted-by":"publisher","key":"e_1_2_1_13_1","DOI":"10.1145\/1456455.1456458"},{"key":"e_1_2_1_14_1","volume-title":"Trusted Platform Module for Smart Cards. in Proceedings of NTMS'14 (Dubai, UAE","author":"Akram R. N.","year":"2014","unstructured":"Akram , R. N. , K. Markantonakis and K. Mayes , Trusted Platform Module for Smart Cards. in Proceedings of NTMS'14 (Dubai, UAE 2014 ), IEEE press, 1--5. Akram, R. N., K. Markantonakis and K. Mayes, Trusted Platform Module for Smart Cards. in Proceedings of NTMS'14 (Dubai, UAE 2014), IEEE press, 1--5."},{"key":"e_1_2_1_15_1","volume-title":"Microsoft Corp","author":"England P.","year":"2016","unstructured":"England , P. , et al. RIoT - A Foundation for Trust in the Internet of Things, Technical report MSR-TR-2016-18 , Microsoft Corp , April 2016 . England, P., et al. RIoT - A Foundation for Trust in the Internet of Things, Technical report MSR-TR-2016-18, Microsoft Corp, April 2016."},{"doi-asserted-by":"publisher","key":"e_1_2_1_16_1","DOI":"10.1109\/CNS.2017.8228638"},{"doi-asserted-by":"publisher","key":"e_1_2_1_17_1","DOI":"10.1109\/iNIS.2015.17"},{"unstructured":"Foundational Trust for IoT and Resource Constrained Devices. https:\/\/trustedcomputinggroup.org  Foundational Trust for IoT and Resource Constrained Devices. https:\/\/trustedcomputinggroup.org","key":"e_1_2_1_18_1"},{"key":"e_1_2_1_19_1","volume-title":"Nov","author":"Implicit Identity Based Device","year":"2017","unstructured":"Implicit Identity Based Device Attestation (draft). https:\/\/trustedcomputinggroup.org , Nov 2017 . Implicit Identity Based Device Attestation (draft). https:\/\/trustedcomputinggroup.org, Nov 2017."},{"unstructured":"Maat: A Platform Service for Measurement and Attestation arXiv:1709.10147 {cs.CR} https:\/\/arxiv.org\/abs\/1709.10147  Maat: A Platform Service for Measurement and Attestation arXiv:1709.10147 {cs.CR} https:\/\/arxiv.org\/abs\/1709.10147","key":"e_1_2_1_20_1"},{"unstructured":"Das U-Boot - the Universal Boot Loader https:\/\/www.denx.de\/wiki\/U-Boot\/WebHome DENX Software Engineering  Das U-Boot - the Universal Boot Loader https:\/\/www.denx.de\/wiki\/U-Boot\/WebHome DENX Software Engineering","key":"e_1_2_1_21_1"},{"unstructured":"Altera SoC EDS Standard edition v17.0 http:\/\/dl.altera.com\/soceds\/17.0\/?edition=standard host_tools\/altera\/preloader\/uboot-socfpga.tar.gz  Altera SoC EDS Standard edition v17.0 http:\/\/dl.altera.com\/soceds\/17.0\/?edition=standard host_tools\/altera\/preloader\/uboot-socfpga.tar.gz","key":"e_1_2_1_22_1"},{"unstructured":"DE1-SoC CD-ROM (rev.F Board) v5.1.1 ..\/Demonstrations\/SOC_FPGA\/de1_soc_GHRD\/software\/spl_bsp\/Makefile. http:\/\/www.terasic.com.tw  DE1-SoC CD-ROM (rev.F Board) v5.1.1 ..\/Demonstrations\/SOC_FPGA\/de1_soc_GHRD\/software\/spl_bsp\/Makefile. http:\/\/www.terasic.com.tw","key":"e_1_2_1_23_1"},{"unstructured":"u-boot-2017.11-rc3 arch\/arm\/dts\/socfpga_cyclone5_de***1_soc.dtb  u-boot-2017.11-rc3 arch\/arm\/dts\/socfpga_cyclone5_de***1_soc.dtb","key":"e_1_2_1_24_1"},{"doi-asserted-by":"crossref","unstructured":"https:\/\/releases.rocketboards.org\/release\/2017.10\/gsrd\/bin\/linux-socfpga-gsrd-17.1std-cv.tar.gz (sdimage.tar.gz)  https:\/\/releases.rocketboards.org\/release\/2017.10\/gsrd\/bin\/linux-socfpga-gsrd-17.1std-cv.tar.gz (sdimage.tar.gz)","key":"e_1_2_1_25_1","DOI":"10.1007\/s41480-018-0019-6"},{"unstructured":"BIOS Integrity Measurement Guidelines (Draft) NIST SP 800--155.  BIOS Integrity Measurement Guidelines (Draft) NIST SP 800--155.","key":"e_1_2_1_26_1"},{"unstructured":"Secure Hash Standard FIPS PUB 180-4 https:\/\/nvlpubs.nist.gov\/nistpubs\/FIPS\/NIST.FIPS.180-4.pdf  Secure Hash Standard FIPS PUB 180-4 https:\/\/nvlpubs.nist.gov\/nistpubs\/FIPS\/NIST.FIPS.180-4.pdf","key":"e_1_2_1_27_1"},{"unstructured":"The Simon and Speck Families of Lightweight Block Ciphers https:\/\/eprint.iacr.org\/2013\/404.pdf  The Simon and Speck Families of Lightweight Block Ciphers https:\/\/eprint.iacr.org\/2013\/404.pdf","key":"e_1_2_1_28_1"},{"doi-asserted-by":"publisher","key":"e_1_2_1_29_1","DOI":"10.1109\/SP.1984.10027"},{"unstructured":"openMSP430 :: Area and speed analysis https:\/\/opencores.org\/project openmsp430 area%20and%20speed%20analysis  openMSP430 :: Area and speed analysis https:\/\/opencores.org\/project openmsp430 area%20and%20speed%20analysis","key":"e_1_2_1_31_1"},{"unstructured":"Avalon AES ECB-Core (128 192 256 Bit) https:\/\/opencores.org\/project\/avs_aes  Avalon AES ECB-Core (128 192 256 Bit) https:\/\/opencores.org\/project\/avs_aes","key":"e_1_2_1_32_1"}],"container-title":["ACM SIGBED Review"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3292384.3292387","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3292384.3292387","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T01:08:38Z","timestamp":1750208918000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3292384.3292387"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018,11,13]]},"references-count":31,"journal-issue":{"issue":"5","published-print":{"date-parts":[[2018,11,13]]}},"alternative-id":["10.1145\/3292384.3292387"],"URL":"https:\/\/doi.org\/10.1145\/3292384.3292387","relation":{},"ISSN":["1551-3688"],"issn-type":[{"type":"electronic","value":"1551-3688"}],"subject":[],"published":{"date-parts":[[2018,11,13]]},"assertion":[{"value":"2018-11-13","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}