ShieLD: Shielding Cross-zone Communication within Limited-resourced IoT Devices running Vulnerable Software Stack
RISE Research Institutes of Sweden, Digital Systems.
RISE Research Institutes of Sweden, Digital Systems.
RISE Research Institutes of Sweden, Digital Systems.
RISE Research Institutes of Sweden, Digital Systems, Data Science. ORCID iD: 0000-0001-8192-0893
2023 (English) In: IEEE Transactions on Dependable and Secure Computing, ISSN 1545-5971, E-ISSN 1941-0018, Vol. 20, no 2, p. 1031-
Article in journal (Refereed) Published
Abstract [en]

Securing IoT devices is gaining attention as the security risks associated with these devices increase rapidly. TrustZone-M, a Trusted Execution Environment (TEE) for Cortex-M processors, ensures stronger security within an IoT device by allowing isolated execution of security-critical operations, without trusting the entire software stack. However, TrustZone-M does not guarantee secure cross-world communication between applications in the Normal and Secure worlds. The cryptographic protection of the communication channel is an obvious solution; however, within a low-power IoT device, it incurs high overhead if applied to each cross-world message exchange. We present ShieLD, a framework that enables a secure communication channel between the two TrustZone-M worlds by leveraging the Memory Protection Unit (MPU). ShieLD guarantees confidentiality, integrity and authentication services without requiring any cryptographic operations. We implement and evaluate ShieLD using a Musca-A test chip board with Cortex-M33 that supports TrustZone-M. Our empirical evaluation shows, among other gains, the cross-zone communication protected with ShieLD is 5 times faster than the conventional crypto-based communication. 

Place, publisher, year, edition, pages
Institute of Electrical and Electronics Engineers Inc., 2023. Vol. 20, no 2, p. 1031-
Keywords [en]
Codes, Communication channels, Computer architecture, Cortex-M, IoT, IoT Security, Memory management, Program processors, Software, TEE, Trusted Execution Environments, TrustZone, TrustZone-M, Virtualization, Communication channels (information theory), Cryptography, Memory architecture, Code, Communications channels, Cortexes, Memory-management, Virtualizations, Internet of things
National Category
Communication Systems
Identifiers
URN: urn:nbn:se:ri:diva-59089
DOI: 10.1109/TDSC.2022.3147262
Scopus ID: 2-s2.0-85124184486
OAI: oai:DiVA.org:ri-59089
DiVA, id: diva2:1651956
Available from: 2022-04-14
Created: 2022-04-14
Last updated: 2023-07-03
Bibliographically approved

Open Access in DiVA

fulltext (4259 kB), 198 downloads
File information
File name: FULLTEXT01.pdf
File size: 4259 kB
Checksum SHA-512:
c7d575fd4eded4cbd2506de0af318ee129eceb75bcc90d63c25d0cb080f6e45d4bf0810ea434f3495f74d025f8f0680c7800cbd72e5f299fff59695e50b9ace5
Type: fulltext
Mimetype: application/pdf


Authority records

Raza, Shahid
