{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,6]],"date-time":"2026-04-06T10:17:57Z","timestamp":1775470677146,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":84,"publisher":"ACM","license":[{"start":{"date-parts":[[2024,7,1]],"date-time":"2024-07-01T00:00:00Z","timestamp":1719792000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/501100007148","name":"Bundesministerium f\u00fcr Wissenschaft und Forschung","doi-asserted-by":"publisher","award":["16KIS1314"],"award-info":[{"award-number":["16KIS1314"]}],"id":[{"id":"10.13039\/501100007148","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2024,7]]},"DOI":"10.1145\/3634737.3637643","type":"proceedings-article","created":{"date-parts":[[2024,6,28]],"date-time":"2024-06-28T11:51:38Z","timestamp":1719575498000},"page":"1568-1583","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":3,"title":["TeeFilter: High-Assurance Network Filtering Engine for High-End IoT and Edge Devices based on TEEs"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-3970-5580","authenticated-orcid":false,"given":"Jonas","family":"R\u00f6ckl","sequence":"first","affiliation":[{"name":"FAU Erlangen-N\u00fcrnberg, Erlangen, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0003-4550-1810","authenticated-orcid":false,"given":"Nils","family":"Bernsdorf","sequence":"additional","affiliation":[{"name":"FAU Erlangen-N\u00fcrnberg, Erlangen, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0007-0430-1467","authenticated-orcid":false,"given":"Tilo","family":"M\u00fcller","sequence":"additional","affiliation":[{"name":"Hof University of Applied Sciences, Hof, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2024,7]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"Thomas Alsop. 2022. Arm's market share and targets across key technology markets in 2019 and 2028 fiscal years. https:\/\/www.statista.com\/statistics\/1132112\/arm-market-share-targets\/. Accessed 2022-11-13."},{"key":"e_1_3_2_1_2_1","unstructured":"Amazon Web Services Inc. 2023. Floating IP pattern for HA between active-standby stateful servers. https:\/\/docs.aws.amazon.com\/whitepapers\/latest\/real-time-communication-on-aws\/floating-ip-pattern-for-ha-between-activestandby-stateful-servers.html. Accessed 2023-03-17."},{"key":"e_1_3_2_1_3_1","volume-title":"Proceedings of the 26th USENIX Security Symposium, USENIX Security '17","author":"Antonakakis Manos","year":"2017","unstructured":"Manos Antonakakis, Tim April, Michael Bailey, Matt Bernhard, Elie Bursztein, Jaime Cochran, Zakir Durumeric, J. Alex Halderman, Luca Invernizzi, Michalis Kallitsis, Deepak Kumar, Chaz Lever, Zane Ma, Joshua Mason, Damian Menscher, Chad Seaman, Nick Sullivan, Kurt Thomas, and Yi Zhou. 2017. Understanding the Mirai Botnet. In Proceedings of the 26th USENIX Security Symposium, USENIX Security '17. USENIX Association, 1093--1110. https:\/\/www.usenix.org\/conference\/usenixsecurity17\/technical-sessions\/presentation\/antonakakis"},{"key":"e_1_3_2_1_4_1","unstructured":"Arm Limited. 2004. About the TrustZone Protection Controller. https:\/\/developer.arm.com\/documentation\/dto0015\/a\/about-the-trustzone-protection-controller. Accessed 2023-11-20."},{"key":"e_1_3_2_1_5_1","unstructured":"Arm Limited. 2010. CoreLink TrustZone Address Space Controller TZC-380 Technical Reference Manual r0p1. https:\/\/developer.arm.com\/documentation\/ddi0431\/c\/introduction\/about-the-tzasc. Accessed 2023-11-20."},{"key":"e_1_3_2_1_6_1","unstructured":"Arm Limited. 2023. Arm Optimized Routines. https:\/\/github.com\/ARM-software\/optimized-routines. Accessed 2023-08-03."},{"key":"e_1_3_2_1_7_1","unstructured":"Arm Limited. 2023. ARM Trusted Firmware - TZC Interface. https:\/\/github.com\/ARM-software\/arm-trusted-firmware\/blob\/master\/drivers\/arm\/tzc\/tzc_common_private.h. Accessed 2023-08-03."},{"key":"e_1_3_2_1_8_1","unstructured":"Arm Limited. 2023. The foundation of Total Compute: First Armv9 Cortex CPUs. https:\/\/community.arm.com\/arm-community-blogs\/b\/architectures-and-processors-blog\/posts\/first-armv9-cpu-cores. Accessed 2023-11-20."},{"key":"e_1_3_2_1_9_1","volume-title":"Proceedings of the 25th Annual Computer Security Applications Conference, ACSAC '09. IEEE Computer Society, 461--470","author":"Azab Ahmed M.","year":"2009","unstructured":"Ahmed M. Azab, Peng Ning, Emre Can Sezer, and Xiaolan Zhang. 2009. HIMA: A Hypervisor-Based Integrity Measurement Agent. In Proceedings of the 25th Annual Computer Security Applications Conference, ACSAC '09. IEEE Computer Society, 461--470. 10.1109\/ACSAC.2009.50"},{"key":"e_1_3_2_1_10_1","volume-title":"Proceedings of the 30th USENIX Security Symposium, USENIX Security '21","author":"Bahmani Raad","year":"2021","unstructured":"Raad Bahmani, Ferdinand Brasser, Ghada Dessouky, Patrick Jauernig, Matthias Klimmek, Ahmad-Reza Sadeghi, and Emmanuel Stapf. 2021. CURE: A Security Architecture with CUstomizable and Resilient Enclaves. In Proceedings of the 30th USENIX Security Symposium, USENIX Security '21, Michael Bailey and Rachel Greenstadt (Eds.). USENIX Association, 1073--1090. https:\/\/www.usenix.org\/conference\/usenixsecurity21\/presentation\/bahmani"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-662-07964-5"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/2656877.2656890"},{"key":"e_1_3_2_1_13_1","unstructured":"Boundary Devices. 2023. Trusted Firmware-A (TF-A) for i.MX CPUs. https:\/\/github.com\/boundarydevices\/imx-atf. Accessed 2023-11-20."},{"key":"e_1_3_2_1_14_1","volume-title":"Proceedings of the 4th Workshop on System Software for Trusted Execution, SysTEX '19","author":"Busch Marcel","year":"2019","unstructured":"Marcel Busch, Ralph Schlenk, and Hans Heckel. 2019. TEEMo: Trusted peripheral monitoring for optical networks and beyond. In Proceedings of the 4th Workshop on System Software for Trusted Execution, SysTEX '19. ACM, 7:1--7:6. 10.1145\/3342559.3365339"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2020.2991734"},{"key":"e_1_3_2_1_16_1","volume-title":"Proceedings of the 13th International Conference on Architectural Support for Programming Languages and Operating Systems, ASPLOS '08. ACM, 2--13","author":"Chen Xiaoxin","unstructured":"Xiaoxin Chen, Tal Garfinkel, E. Christopher Lewis, Pratap Subrahmanyam, Carl A. Waldspurger, Dan Boneh, Jeffrey S. Dwoskin, and Dan R. K. Ports. 2008. Overshadow: A virtualization-based approach to retrofitting protection in commodity operating systems. In Proceedings of the 13th International Conference on Architectural Support for Programming Languages and Operating Systems, ASPLOS '08. ACM, 2--13. 10.1145\/1346281.1346284"},{"key":"e_1_3_2_1_17_1","unstructured":"Cilium Authors. 2023. eBPF Maps. https:\/\/docs.cilium.io\/en\/stable\/network\/ebpf\/maps\/. Accessed 2023-08-06."},{"key":"e_1_3_2_1_18_1","volume-title":"Proceedings of the 10th International Conference for Tools and Algorithms for the Construction and Analysis of Systems, TACAS '04 (Lecture Notes in Computer Science","volume":"176","author":"Clarke Edmund M.","year":"2004","unstructured":"Edmund M. Clarke, Daniel Kroening, and Flavio Lerda. 2004. A Tool for Checking ANSI-C Programs. In Proceedings of the 10th International Conference for Tools and Algorithms for the Construction and Analysis of Systems, TACAS '04 (Lecture Notes in Computer Science, Vol. 2988). Springer, 168--176. 10.1007\/978-3-540-24730-2_15"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1007\/s10703-020-00344-2"},{"key":"e_1_3_2_1_20_1","volume-title":"Proceedings of the 13th International Conference on Computer Aided Verification, CAV '01 (Lecture Notes in Computer Science","volume":"453","author":"Copty Fady","unstructured":"Fady Copty, Limor Fix, Ranan Fraer, Enrico Giunchiglia, Gila Kamhi, Armando Tacchella, and Moshe Y. Vardi. 2001. Benefits of Bounded Model Checking at an Industrial Setting. In Proceedings of the 13th International Conference on Computer Aided Verification, CAV '01 (Lecture Notes in Computer Science, Vol. 2102). Springer, 436--453. 10.1007\/3-540-44585-4_43"},{"key":"e_1_3_2_1_21_1","volume-title":"Proceedings of the Architectural Support for Programming Languages and Operating Systems, ASPLOS '14","author":"Dall Christoffer","year":"2014","unstructured":"Christoffer Dall and Jason Nieh. 2014. KVM\/ARM: The design and implementation of the Linux ARM hypervisor. In Proceedings of the Architectural Support for Programming Languages and Operating Systems, ASPLOS '14. ACM, 333--348. 10.1145\/2541940.2541946"},{"key":"e_1_3_2_1_22_1","volume-title":"Proceedings of the 14th International Conference for Tools and Algorithms for the Construction and Analysis of Systems, TACAS '08 (Lecture Notes in Computer Science","volume":"340","author":"de Moura Leonardo Mendon\u00e7a","unstructured":"Leonardo Mendon\u00e7a de Moura and Nikolaj S. Bj\u00f8rner. 2008. Z3: An Efficient SMT Solver. In Proceedings of the 14th International Conference for Tools and Algorithms for the Construction and Analysis of Systems, TACAS '08 (Lecture Notes in Computer Science, Vol. 4963). Springer, 337--340. 10.1007\/978-3-540-78800-3_24"},{"key":"e_1_3_2_1_23_1","unstructured":"Device Tree Organization. 2020. Device tree specification. https:\/\/github.com\/devicetree-org\/devicetree-specification\/releases\/download\/v0.3\/devicetree-specification-v0.3.pdf. Accessed 2023-02-17."},{"key":"e_1_3_2_1_24_1","unstructured":"Diffblue Ltd. 2023. Code Contracts in CBMC. https:\/\/diffblue.github.io\/cbmc\/\/contracts-mainpage.html. Accessed 2023-06-18."},{"key":"e_1_3_2_1_25_1","unstructured":"DPDK Project. 2023. Project Charter. https:\/\/www.dpdk.org\/. Accessed 2023-08-06."},{"key":"e_1_3_2_1_26_1","volume-title":"Proceedings of the 5th Symposium on Operating System Design and Implementation (OSDI '02)","author":"Dunlap George W.","unstructured":"George W. Dunlap, Samuel T. King, Sukru Cinar, Murtaza A. Basrai, and Peter M. Chen. 2002. ReVirt: Enabling Intrusion Analysis Through Virtual-Machine Logging and Replay. In Proceedings of the 5th Symposium on Operating System Design and Implementation (OSDI '02). USENIX Association. http:\/\/www.usenix.org\/events\/osdi02\/tech\/dunlap.html"},{"key":"e_1_3_2_1_27_1","unstructured":"eBPF.io authors. 2023. What is eBPF? An Introduction and Deep Dive into the eBPF Technology. https:\/\/ebpf.io\/what-is-ebpf\/. Accessed 2023-11-20."},{"key":"e_1_3_2_1_28_1","unstructured":"Embedded Microprocessor Benchmark Consortium. 2022. CoreMark an Industry-Standard Benchmark of Central Processing Units (CPU). https:\/\/github.com\/eembc\/coremark. Accessed 2022-11-17."},{"key":"e_1_3_2_1_29_1","unstructured":"Existent Ltd. 2023. Broadband speeds required for streaming services. https:\/\/www.cable.co.uk\/broadband\/guides\/broadband-streaming. Accessed 2023-03-15."},{"key":"e_1_3_2_1_30_1","unstructured":"Forescout Research Labs. 2020. How TCP\/IP Stacks Breed Critical Vulnerabilities in IoT OT and IT Devices. https:\/\/www.forescout.com\/company\/resources\/amnesia33-how-tcp-ip-stacks-breed-critical-vulnerabilities-in-iot-ot-and-it-devices\/. Accessed 2022-10-14."},{"key":"e_1_3_2_1_31_1","volume-title":"Proceedings of the ACM on Programming Languages 7, OOPSLA1","author":"Fox Anthony C. J.","year":"2023","unstructured":"Anthony C. J. Fox, Gareth Stockwell, Shale Xiong, Hanno Becker, Dominic P. Mulligan, Gustavo Petri, and Nathan Chong. 2023. A Verification Methodology for the Arm\u00ae Confidential Computing Architecture: From a Secure Specification to Safe Implementations. Proceedings of the ACM on Programming Languages 7, OOPSLA1 (2023), 376--405. 10.1145\/3586040"},{"key":"e_1_3_2_1_32_1","unstructured":"FreeBSD authors. 2005. bus_space_write_4 manual page. https:\/\/manpages.debian.org\/testing\/freebsd-manpages\/bus_space_write_4.9freebsd.en.html. Accessed 2023-11-20."},{"key":"e_1_3_2_1_33_1","volume-title":"Proceedings of the 11th Workshop on Hot Topics in Operating, HotOS '07","author":"Ganapathy Vinod","year":"2007","unstructured":"Vinod Ganapathy, Arini Balakrishnan, Michael M. Swift, and Somesh Jha. 2007. Microdrivers: A New Architecture for Device Drivers. In Proceedings of the 11th Workshop on Hot Topics in Operating, HotOS '07. USENIX Association. http:\/\/www.usenix.org\/events\/hotos07\/tech\/full_papers\/ganapathy\/ganapathy.pdf"},{"key":"e_1_3_2_1_34_1","volume-title":"Proceedings of the 13th International Conference on Architectural Support for Programming Languages and Operating Systems, ASPLOS '08. ACM, 168--178","author":"Ganapathy Vinod","year":"2008","unstructured":"Vinod Ganapathy, Matthew J. Renzelmann, Arini Balakrishnan, Michael M. Swift, and Somesh Jha. 2008. The design and implementation of microdrivers. In Proceedings of the 13th International Conference on Architectural Support for Programming Languages and Operating Systems, ASPLOS '08. ACM, 168--178. 10.1145\/1346281.1346303"},{"key":"e_1_3_2_1_35_1","volume-title":"Proceedings of the Network and Distributed System Security Symposium, NDSS '03","author":"Garfinkel Tal","year":"2003","unstructured":"Tal Garfinkel and Mendel Rosenblum. 2003. A Virtual Machine Introspection Based Architecture for Intrusion Detection. In Proceedings of the Network and Distributed System Security Symposium, NDSS '03. The Internet Society. https:\/\/www.ndss-symposium.org\/ndss2003\/virtual-machine-introspection-based-architecture-intrusion-detection\/"},{"key":"e_1_3_2_1_36_1","volume-title":"Proceedings of the 27th International Symposium on High-Performance Parallel and Distributed Computing, HPDC '18. ACM, 2--13","author":"Gerofi Balazs","year":"2018","unstructured":"Balazs Gerofi, Aram Santogidis, Dominique Martinet, and Yutaka Ishikawa. 2018. PicoDriver: fast-path device drivers for multi-kernel operating systems. In Proceedings of the 27th International Symposium on High-Performance Parallel and Distributed Computing, HPDC '18. ACM, 2--13. 10.1145\/3208040.3208060"},{"key":"e_1_3_2_1_37_1","unstructured":"Google LLC. 2023. Patterns for using floating IP addresses in Compute Engine. https:\/\/cloud.google.com\/architecture\/patterns-for-floating-ip-addresses-in-compute-engine. Accessed 2023-03-18."},{"key":"e_1_3_2_1_38_1","unstructured":"Vivien Gueant. 2022. iPerf - The TCP UDP and SCTP network bandwidth measurement tool. https:\/\/iperf.fr. Accessed 2022-11-17."},{"key":"e_1_3_2_1_39_1","volume-title":"Proceedings of the 17th European Conference on Computer Systems, EuroSys '22","author":"Guo Liwei","year":"2022","unstructured":"Liwei Guo and Felix Xiaozhu Lin. 2022. Minimum viable device drivers for ARM TrustZone. In Proceedings of the 17th European Conference on Computer Systems, EuroSys '22. ACM, 300--316. 10.1145\/3492321.3519565"},{"key":"e_1_3_2_1_40_1","volume-title":"Proceedings of the Network and Distributed System Security Symposium, NDSS '19","author":"Herwig Stephen","year":"2019","unstructured":"Stephen Herwig, Katura Harvey, George Hughey, Richard Roberts, and Dave Levin. 2019. Measurement and Analysis of Hajime, a Peer-to-peer IoT Botnet. In Proceedings of the Network and Distributed System Security Symposium, NDSS '19. The Internet Society. https:\/\/www.ndss-symposium.org\/ndss-paper\/measurement-and-analysis-of-hajime-a-peer-to-peer-iot-botnet"},{"key":"e_1_3_2_1_41_1","volume-title":"Proceedings of the 6th ACM\/SPEC International Conference on Performance Engineering, ICPE '15","author":"Hofer Peter","year":"2015","unstructured":"Peter Hofer, Florian H\u00f6rschl\u00e4ger, and Hanspeter M\u00f6ssenb\u00f6ck. 2015. Sampling-based Steal Time Accounting under Hardware Virtualization. In Proceedings of the 6th ACM\/SPEC International Conference on Performance Engineering, ICPE '15. ACM, 87--90. 10.1145\/2668930.2695524"},{"key":"e_1_3_2_1_42_1","volume-title":"Proceedings of the 15th ACM Asia Conference on Computer and Communications Security, ASIA CCS '20. ACM, 6--19","author":"Huber Manuel","year":"2020","unstructured":"Manuel Huber, Stefan Hristozov, Simon Ott, Vasil Sarafov, and Marcus Peinado. 2020. The Lazarus Effect: Healing Compromised Devices in the Internet of Small Things. In Proceedings of the 15th ACM Asia Conference on Computer and Communications Security, ASIA CCS '20. ACM, 6--19. 10.1145\/3320269.3384723"},{"key":"e_1_3_2_1_43_1","unstructured":"Ionut Ilascu. 2019. New Echobot Botnet Variant Uses Over 50 Exploits to Propagate. https:\/\/www.bleepingcomputer.com\/news\/security\/new-echobot-botnet-variant-uses-over-50-exploits-to-propagate\/. Accessed 2022-10-13."},{"key":"e_1_3_2_1_44_1","doi-asserted-by":"crossref","unstructured":"S. Josefsson and I. Liusvaara. 2017. Edwards-Curve Digital Signature Algorithm (EdDSA). RFC 8032. RFC Editor. https:\/\/www.rfc-editor.org\/rfc\/rfc8032.txt","DOI":"10.17487\/RFC8032"},{"key":"e_1_3_2_1_45_1","volume-title":"Proceedings of the International Conference on Connected Vehicles and Expo, ICCVE '12","author":"Kim Se-Won","year":"2013","unstructured":"Se-Won Kim, Chi-Young Lee, MooWoong Jeon, Hae Young Kwon, Hyun Woo Lee, and Chuck Yoo. 2013. Secure device access for automotive software. In Proceedings of the International Conference on Connected Vehicles and Expo, ICCVE '12. IEEE, 177--181. 10.1109\/ICCVE.2013.6799789"},{"key":"e_1_3_2_1_46_1","volume-title":"Proceedings of the 22nd ACM Symposium on Operating Systems Principles 2009, SOSP 2009","author":"Klein Gerwin","year":"2009","unstructured":"Gerwin Klein, Kevin Elphinstone, Gernot Heiser, June Andronick, David Cock, Philip Derrin, Dhammika Elkaduwe, Kai Engelhardt, Rafal Kolanski, Michael Norrish, Thomas Sewell, Harvey Tuch, and Simon Winwood. 2009. seL4: formal verification of an OS kernel. In Proceedings of the 22nd ACM Symposium on Operating Systems Principles 2009, SOSP 2009, Big Sky, Montana, USA, October 11-14, 2009, Jeanna Neefe Matthews and Thomas E. Anderson (Eds.). ACM, 207--220. 10.1145\/1629575.1629596"},{"key":"e_1_3_2_1_47_1","volume-title":"Proceedings of the Applied Networking Research Workshop, ANRW '18","author":"Ko Ronny","year":"2018","unstructured":"Ronny Ko and James Mickens. 2018. DeadBolt: Securing IoT Deployments. In Proceedings of the Applied Networking Research Workshop, ANRW '18. ACM, 50--57. 10.1145\/3232755.3232774"},{"key":"e_1_3_2_1_48_1","unstructured":"M Kol and S Oberman. 2020. Ripple20. https:\/\/www.jsof-tech.com\/wp-content\/uploads\/2020\/06\/JSOF_Ripple20_Technical_Whitepaper_June20.pdf. Accessed 2022-03-01."},{"key":"e_1_3_2_1_49_1","volume-title":"Reaper: Calm Before the IoT Security Storm? https:\/\/krebsonsecurity.com\/2017\/10\/reaper-calm-before-the-iot-security-storm\/. Accessed 2022-10-13.","author":"Krebs Brian","year":"2017","unstructured":"Brian Krebs. 2017. Reaper: Calm Before the IoT Security Storm? https:\/\/krebsonsecurity.com\/2017\/10\/reaper-calm-before-the-iot-security-storm\/. Accessed 2022-10-13."},{"key":"e_1_3_2_1_50_1","volume-title":"Proceedings of the 20th International Conference for Tools and Algorithms for the Construction and Analysis of Systems, TACAS '14 (Lecture Notes in Computer Science","volume":"391","author":"Kroening Daniel","year":"2014","unstructured":"Daniel Kroening and Michael Tautschnig. 2014. CBMC - C Bounded Model Checker - (Competition Contribution). In Proceedings of the 20th International Conference for Tools and Algorithms for the Construction and Analysis of Systems, TACAS '14 (Lecture Notes in Computer Science, Vol. 8413). Springer, 389--391. 10.1007\/978-3-642-54862-8_26"},{"key":"e_1_3_2_1_51_1","volume-title":"Proceedings of the 2nd IEEE \/ ACM International Symposium on Code Generation and Optimization, CGO '04","author":"Lattner Chris","year":"2004","unstructured":"Chris Lattner and Vikram S. Adve. 2004. LLVM: A Compilation Framework for Lifelong Program Analysis & Transformation. In Proceedings of the 2nd IEEE \/ ACM International Symposium on Code Generation and Optimization, CGO '04. IEEE Computer Society, 75--88. 10.1109\/CGO.2004.1281665"},{"key":"e_1_3_2_1_52_1","volume-title":"Proceedings of the 16th Annual International Conference on Mobile Systems, Applications, and Services, MobiSys '18","author":"Lentz Matthew","year":"2018","unstructured":"Matthew Lentz, Rijurekha Sen, Peter Druschel, and Bobby Bhattacharjee. 2018. SeCloak: ARM Trustzone-based Mobile Peripheral Control. In Proceedings of the 16th Annual International Conference on Mobile Systems, Applications, and Services, MobiSys '18. ACM, 1--13. 10.1145\/3210240.3210334"},{"key":"e_1_3_2_1_53_1","unstructured":"LF Projects LLC. 2019. io.h - Memory Access Wrappers. https:\/\/github.com\/seL4\/util_libs\/blob\/master\/libethdrivers\/src\/plat\/imx6\/io.h. Accessed 2023-08-03."},{"key":"e_1_3_2_1_54_1","unstructured":"Linux Kernel Developers. 2023. ARM idle states binding description. https:\/\/www.kernel.org\/doc\/Documentation\/devicetree\/bindings\/arm\/idle-states.txt. Accessed 2023-03-16."},{"key":"e_1_3_2_1_55_1","unstructured":"Linux Kernel Developers. 2023. NAPI. https:\/\/docs.kernel.org\/networking\/napi.html. Accessed 2023-11-16."},{"key":"e_1_3_2_1_56_1","unstructured":"Linux Kernel Developers. 2023. Reducing Scheduling-Clock Ticks. https:\/\/www.kernel.org\/doc\/Documentation\/timers\/NO_HZ.txt. Accessed 2023-03-17."},{"key":"e_1_3_2_1_57_1","volume-title":"Proceedings of the 3rd Workshop on Micro Aerial Vehicle Networks, Systems, and Applications, DroNet '17","author":"Liu Renju","unstructured":"Renju Liu and Mani B. Srivastava. 2017. PROTC: PROTeCting Drone's Peripherals through ARM TrustZone. In Proceedings of the 3rd Workshop on Micro Aerial Vehicle Networks, Systems, and Applications, DroNet '17. ACM, 1--6. 10.1145\/3086439.3086443"},{"key":"e_1_3_2_1_58_1","volume-title":"Proceedings of the Network and Distributed System Security Symposium, NDSS '17","author":"Machiry Aravind","year":"2017","unstructured":"Aravind Machiry, Eric Gustafson, Chad Spensky, Christopher Salls, Nick Stephens, Ruoyu Wang, Antonio Bianchi, Yung Ryn Choe, Christopher Kruegel, and Giovanni Vigna. 2017. BOOMERANG: Exploiting the Semantic Gap in Trusted Execution Environments. In Proceedings of the Network and Distributed System Security Symposium, NDSS '17. The Internet Society. https:\/\/www.ndss-symposium.org\/ndss2017\/ndss-2017-programme\/boomerang-exploiting-semantic-gap-trusted-execution-environments\/"},{"key":"e_1_3_2_1_59_1","volume-title":"Proceedings of the 3rd USENIX Workshop on Hot Topics in Edge Computing, HotEdge '20","author":"McCormack Matt","year":"2020","unstructured":"Matt McCormack, Amit Vasudevan, Guyue Liu, Sebasti\u00e1n Echeverr\u00eda, Kyle O'Meara, Grace A. Lewis, and Vyas Sekar. 2020. Towards an Architecture for Trusted Edge IoT Security Gateways. In Proceedings of the 3rd USENIX Workshop on Hot Topics in Edge Computing, HotEdge '20. USENIX Association. https:\/\/www.usenix.org\/conference\/hotedge20\/presentation\/mccormack"},{"key":"e_1_3_2_1_60_1","volume-title":"Proceedings of the 31st IEEE Symposium on Security and Privacy, S&P '10","author":"McCune Jonathan M.","year":"2010","unstructured":"Jonathan M. McCune, Yanlin Li, Ning Qu, Zongwei Zhou, Anupam Datta, Virgil D. Gligor, and Adrian Perrig. 2010. TrustVisor: Efficient TCB Reduction and Attestation. In Proceedings of the 31st IEEE Symposium on Security and Privacy, S&P '10. IEEE Computer Society, 143--158. 10.1109\/SP.2010.17"},{"key":"e_1_3_2_1_61_1","unstructured":"Microsoft Corporation. 2021. Reading and Writing to Device Registers. https:\/\/learn.microsoft.com\/en-us\/windows-hardware\/drivers\/wdf\/reading-and-writing-to-device-registers. Accessed 2023-08-03."},{"key":"e_1_3_2_1_62_1","unstructured":"MITRE Organization. 2022. CVE Keyword Search for \"linux ethernet drivers\". https:\/\/cve.mitre.org\/cgi-bin\/cvekey.cgi?keyword=linux+ethernet+drivers. Accessed 2022-11-13."},{"key":"e_1_3_2_1_63_1","volume-title":"Proceedings of the 7th Workshop on Constraint Solvers in Testing, Verification, and Analysis, CSTVA '16 (CEUR Workshop Proceedings","volume":"42","author":"Neville Daniel","year":"2016","unstructured":"Daniel Neville, Andrew J. Malton, Martin Brain, and Daniel Kroening. 2016. Towards Automated Bounded Model Checking of API Implementations. In Proceedings of the 7th Workshop on Constraint Solvers in Testing, Verification, and Analysis, CSTVA '16 (CEUR Workshop Proceedings, Vol. 1639). CEUR-WS.org, 31--42. http:\/\/ceur-ws.org\/Vol-1639\/paper-06.pdf"},{"key":"e_1_3_2_1_64_1","unstructured":"Thomas Petazzoni. 2012. Your new ARM SoC Linux support check-list. https:\/\/www.elinux.org\/images\/a\/ad\/Arm-soc-checklist.pdf. Accessed 2023-02-17."},{"key":"e_1_3_2_1_65_1","doi-asserted-by":"publisher","DOI":"10.1145\/3291047"},{"key":"e_1_3_2_1_66_1","volume-title":"Proceedings of the 19th ACM SIGPLAN Symposium on Principles and Practice of Parallel Programming, PPoPP '14","author":"Rao Jia","year":"2014","unstructured":"Jia Rao and Xiaobo Zhou. 2014. Towards fair and efficient SMP virtual machine scheduling. In Proceedings of the 19th ACM SIGPLAN Symposium on Principles and Practice of Parallel Programming, PPoPP '14. ACM, 273--286. 10.1145\/2555243.2555246"},{"key":"e_1_3_2_1_67_1","volume-title":"Proceedings of the Annual Computer Security Applications Conference, ACSAC '21","author":"R\u00f6ckl Jonas","unstructured":"Jonas R\u00f6ckl, Mykolai Protsenko, Monika Huber, Tilo M\u00fcller, and Felix C. Freiling. 2021. Advanced System Resiliency Based on Virtualization Techniques for IoT Devices. In Proceedings of the Annual Computer Security Applications Conference, ACSAC '21. ACM, 455--467. 10.1145\/3485832.3485836"},{"key":"e_1_3_2_1_68_1","volume-title":"Proceedings of the 9th International Conference on Information Systems Security and Privacy, ICISSP '23","author":"R\u00f6ckl Jonas","year":"2023","unstructured":"Jonas R\u00f6ckl, Adam Wagenh\u00e4user, and Tilo M\u00fcller. 2023. Veto: Prohibit Outdated Edge System Software from Booting. In Proceedings of the 9th International Conference on Information Systems Security and Privacy, ICISSP '23. SciTePress, 46--57. 10.5220\/0011627700003405"},{"key":"e_1_3_2_1_69_1","volume-title":"Proceedings of the 19th International Conference on Architectural Support for Programming Languages and Operating Systems, ASPLOS '14. ACM, 67--80","author":"Santos Nuno","year":"2014","unstructured":"Nuno Santos, Himanshu Raj, Stefan Saroiu, and Alec Wolman. 2014. Using ARM trustzone to build a trusted language runtime for mobile applications. In Proceedings of the 19th International Conference on Architectural Support for Programming Languages and Operating Systems, ASPLOS '14. ACM, 67--80. 10.1145\/2541940.2541949"},{"key":"e_1_3_2_1_70_1","volume-title":"Proceedings of the 25th International Symposium on Research in Attacks, Intrusions and Defenses, RAID '22. ACM, 56--71","author":"Schwarz Fabian","year":"2022","unstructured":"Fabian Schwarz. 2022. TrustedGateway: TEE-Assisted Routing and Firewall Enforcement Using ARM TrustZone. In Proceedings of the 25th International Symposium on Research in Attacks, Intrusions and Defenses, RAID '22. ACM, 56--71. 10.1145\/3545948.3545961"},{"key":"e_1_3_2_1_71_1","unstructured":"SEOMoz Inc. 2023. Top 500 Most Popular Websites. https:\/\/moz.com\/top500. Accessed 2023-03-01."},{"key":"e_1_3_2_1_72_1","volume-title":"Proceedings of the 21st ACM Symposium on Operating Systems Principles 2007, SOSP '07. ACM, 335--350","author":"Seshadri Arvind","year":"2007","unstructured":"Arvind Seshadri, Mark Luk, Ning Qu, and Adrian Perrig. 2007. SecVisor: A tiny hypervisor to provide lifetime kernel code integrity for commodity OSes. In Proceedings of the 21st ACM Symposium on Operating Systems Principles 2007, SOSP '07. ACM, 335--350. 10.1145\/1294261.1294294"},{"key":"e_1_3_2_1_73_1","volume-title":"Annual Report","author":"SoftBank Group","year":"2020","unstructured":"SoftBank Group. 2020. Annual Report 2020. https:\/\/group.softbank\/system\/files\/pdf\/ir\/financials\/annual_reports\/annual-report_fy2020_01_en.pdf. Accessed 2023-07-03."},{"key":"e_1_3_2_1_74_1","volume-title":"Proceedings of the 8th IEEE Conference on Communications and Network Security, CNS '20","author":"Spensky Chad","year":"2020","unstructured":"Chad Spensky, Aravind Machiry, Marcel Busch, Kevin Leach, Rick Housley, Christopher Kruegel, and Giovanni Vigna. 2020. TRUST.IO: Protecting Physical Interfaces on Cyber-physical Systems. In Proceedings of the 8th IEEE Conference on Communications and Network Security, CNS '20. IEEE, 1--9. 10.1109\/CNS48642.2020.9162246"},{"key":"e_1_3_2_1_75_1","volume-title":"Proceedings of the 11th International Symposium on Recent Advances in Intrusion Detection, RAID '08 (Lecture Notes in Computer Science","volume":"58","author":"Srivastava Abhinav","unstructured":"Abhinav Srivastava and Jonathon T. Giffin. 2008. Tamper-Resistant, Application-Aware Blocking of Malicious Network Connections. In Proceedings of the 11th International Symposium on Recent Advances in Intrusion Detection, RAID '08 (Lecture Notes in Computer Science, Vol. 5230). Springer, 39--58. 10.1007\/978-3-540-87403-4_3"},{"key":"e_1_3_2_1_76_1","volume-title":"Number of IoT connected devices worldwide 2019-2021, with forecasts to","author":"Insights Transforma","year":"2030","unstructured":"Transforma Insights. 2022. Number of IoT connected devices worldwide 2019-2021, with forecasts to 2030. https:\/\/www.statista.com\/statistics\/1183457\/iot-connected-devices-worldwide\/. Accessed 2022-10-13."},{"key":"e_1_3_2_1_77_1","volume-title":"Proceedings of the 14th ACM Conference on Security and Privacy in Wireless and Mobile Networks, WiSec '21","author":"Wan Shengye","year":"2021","unstructured":"Shengye Wan, Kun Sun, Ning Zhang, and Yue Li. 2021. Remotely controlling TrustZone applications?: A study on securely and resiliently receiving remote commands. In Proceedings of the 14th ACM Conference on Security and Privacy in Wireless and Mobile Networks, WiSec '21. ACM, 204--215. 10.1145\/3448300.3468501"},{"key":"e_1_3_2_1_78_1","volume-title":"Proceedings of the 43th IEEE Symposium on Security and Privacy, S&P '22","author":"Wang Jinwen","year":"2022","unstructured":"Jinwen Wang, Ao Li, Haoran Li, Chenyang Lu, and Ning Zhang. 2022. RT-TEE: Real-time System Availability for Cyber-physical Systems using ARM TrustZone. In Proceedings of the 43th IEEE Symposium on Security and Privacy, S&P '22. IEEE, 352--369. 10.1109\/SP46214.2022.9833604"},{"key":"e_1_3_2_1_79_1","unstructured":"WithSecure Labs. 2022. OP-TEE TrustZone bypass at wakeup on NXP i.MX6UL. https:\/\/labs.withsecure.com\/advisories\/op-tee-trustzone-bypass-at-wakeup-on-nxp-imx6ul. Accessed 2022-12-07."},{"key":"e_1_3_2_1_80_1","volume-title":"Proceedings of the 40th IEEE Symposium on Security and Privacy, S&P '19","author":"Xu Meng","year":"2019","unstructured":"Meng Xu, Manuel Huber, Zhichuang Sun, Paul England, Marcus Peinado, Sangho Lee, Andrey Marochko, Dennis Mattoon, Rob Spiger, and Stefan Thom. 2019. Dominance as a New Trusted Computing Primitive for the Internet of Things. In Proceedings of the 40th IEEE Symposium on Security and Privacy, S&P '19. IEEE, 1415--1430. 10.1109\/SP.2019.00084"},{"key":"e_1_3_2_1_81_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2017.2778504"},{"key":"e_1_3_2_1_82_1","volume-title":"Proceedings of the 34th International Conference on Computer Aided Verification, CAV '22 (Lecture Notes in Computer Science","volume":"316","author":"Yuan Shenghao","year":"2022","unstructured":"Shenghao Yuan, Fr\u00e9d\u00e9ric Besson, Jean-Pierre Talpin, Samuel Hym, Koen Zandberg, and Emmanuel Baccelli. 2022. End-to-End Mechanized Proof of an eBPF Virtual Machine for Micro-controllers. In Proceedings of the 34th International Conference on Computer Aided Verification, CAV '22 (Lecture Notes in Computer Science, Vol. 13372). Springer, 293--316. 10.1007\/978-3-031-13188-2_15"},{"key":"e_1_3_2_1_83_1","volume-title":"Proceedings of the 9th IFIP International Conference on Performance Evaluation and Modeling in Wireless Networks, PEMWN '20","author":"Zandberg Koen","year":"2020","unstructured":"Koen Zandberg and Emmanuel Baccelli. 2020. Minimal Virtual Machines on IoT Microcontrollers: The Case of Berkeley Packet Filters with rBPF. In Proceedings of the 9th IFIP International Conference on Performance Evaluation and Modeling in Wireless Networks, PEMWN '20. IEEE, 1--6. 10.23919\/PEMWN50727.2020.9293081"},{"key":"e_1_3_2_1_84_1","volume-title":"Proceedings of the 24th ACM SIGSAC Conference on Computer and Communications Security, CCS '17. ACM, 1789--1806","author":"Zinzindohou\u00e9 Jean Karim","year":"2017","unstructured":"Jean Karim Zinzindohou\u00e9, Karthikeyan Bhargavan, Jonathan Protzenko, and Benjamin Beurdouche. 2017. HACL*: A Verified Modern Cryptographic Library. In Proceedings of the 24th ACM SIGSAC Conference on Computer and Communications Security, CCS '17. ACM, 1789--1806. 10.1145\/3133956.3134043"}],"event":{"name":"ASIA CCS '24: 19th ACM Asia Conference on Computer and Communications Security","location":"Singapore Singapore","acronym":"ASIA CCS '24","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 19th ACM Asia Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3634737.3637643","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T23:44:05Z","timestamp":1750290245000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3634737.3637643"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,7]]},"references-count":84,"alternative-id":["10.1145\/3634737.3637643","10.1145\/3634737"],"URL":"https:\/\/doi.org\/10.1145\/3634737.3637643","relation":{},"subject":[],"published":{"date-parts":[[2024,7]]},"assertion":[{"value":"2024-07-01","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}